Lucene search
K

14 matches found

NVD
NVD
added 2026/04/23 6:16 p.m.6 views

CVE-2026-31179

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunPort parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS0.00279EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.12 views

PT-2026-34717

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557 B20221024 allowing attackers to execute arbitrary commands via the interval parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.11 views

PT-2026-34706

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557 B20221024 allowing attackers to execute arbitrary commands via the stunEnable parameter to /cgi-bin/cstecgi.cgi...

9.8CVSS6.1AI score0.00578EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/23 12:0 a.m.6 views

CVE-2026-31176

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunuser parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.7 views

PT-2026-29188

A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557 b20221024. Affected by this issue is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument vlanPriLan3 leads to command injection. Remote exploitation of the attack is possible. The...

6.5CVSS5.6AI score0.03664EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.6 views

PT-2026-28756

Name of the Vulnerable Software and Affected Versions Totolink A3300R version 17.0.0cu.557 b20221024 Description A security flaw exists in the Totolink A3300R router. This issue involves a command injection impacting the setSmartQosCfg function within the /cgi-bin/cstecgi.cgi file of the Paramete...

6.5CVSS5.8AI score0.02164EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.9 views

PT-2026-28758

Name of the Vulnerable Software and Affected Versions Totolink A3300R version 17.0.0cu.557 b20221024 Description A security issue exists in Totolink A3300R version 17.0.0cu.557 b20221024. The setStaticRoute function within the /cgi-bin/cstecgi.cgi file is susceptible to command injection through...

6.5CVSS5.7AI score0.02483EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.5 views

PT-2025-43921

Name of the Vulnerable Software and Affected Versions TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description A flaw exists in TOTOLINK A3300R version 17.0.0cu.557 B20221024 that allows for remote manipulation of the enable argument within the setSyslogCfg function located in the...

9CVSS6.6AI score0.0093EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/10/27 12:0 a.m.5 views

PT-2025-43917

Name of the Vulnerable Software and Affected Versions TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description A flaw exists in TOTOLINK A3300R that could lead to a stack-based buffer overflow. The issue is located in the setOpModeCfg function within the /cgi-bin/cstecgi.cg file, specifically...

9CVSS6.8AI score0.0093EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/01/30 12:0 a.m.10 views

PT-2024-20364 · Totolink · Totolink A3300R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description: A command injection issue was discovered via the enable parameter in the setWiFiScheduleCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK A3300R...

9.8CVSS9.5AI score0.01615EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.4 views

PT-2024-19623 · Totolink · Totolink A3300R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description: A command injection issue was discovered via the hostName parameter in the setWanCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK A3300R version...

9.8CVSS9.6AI score0.0164EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/10/31 12:0 a.m.6 views

PT-2023-30277 · Totolink · Totolink A3300R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description: The issue concerns a command injection via the file name parameter in the UploadFirmwareFile function. Recommendations: For TOTOLINK A3300R version 17.0.0cu.557 B20221024, avoid usin...

9.8CVSS7.4AI score0.01515EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/07/07 12:0 a.m.5 views

PT-2023-25818 · Totolink · Totolink A3300R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description: A command injection issue was found in the setTracerouteCfg function via the command parameter. Recommendations: For version 17.0.0cu.557 B20221024, consider disabling the...

9.8CVSS9.7AI score0.01674EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/05/18 12:0 a.m.5 views

TOTOLINK A3300R 命令注入漏洞

The TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R v17.0.0cu.557, which originates from a failure of the setddnscfg function of the request /cgi-bin/cstecgi.cgi to correctly filter constructed command...

9.8CVSS7.8AI score0.01778EPSS
Exploits0References4
Rows per page
Query Builder