Lucene search
K

7645 matches found

CNNVD
CNNVD
added 2026/04/23 12:0 a.m.7 views

TOTOLINK A3300R 命令注入漏洞

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R stunuser parameter, which originates from the failure of the stunuser parameter in the cstecgi.cgi file to properly validate user input, and can be exploite...

6.5CVSS6AI score0.00279EPSS
Exploits1References1
CVE
CVE
added 2026/04/23 12:0 a.m.10 views

CVE-2026-31179

ToToLink A3300R firmware v17.0.0cu.557_B20221024 has a vulnerability in the CGI endpoint /cgi-bin/cstecgi.cgi that allows attackers to execute arbitrary commands via the stun-port parameter. The root cause is the handling of the stun-port parameter in that CGI path, as described in multiple sourc...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.7 views

TOTOLINK A3300R 操作系统命令注入漏洞

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R stunMinAlive parameter, which stems from a failure to properly handle the stunMinAlive parameter in cstecgi.cgi, and can be exploited by an attacker to...

9.8CVSS6AI score0.00599EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/23 12:0 a.m.2 views

CVE-2026-31168

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the recHour parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.9 views

TOTOLINK A3300R 命令注入漏洞

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R recHour parameter, which originates from the failure of the recHour parameter in the /cgi-bin/cstecgi.cgi file to correctly filter user input, and can be...

6.5CVSS6AI score0.00279EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/23 12:0 a.m.29 views

CVE-2026-31167

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the mode parameter to /cgi-bin/cstecgi.cgi...

0.00279EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.9 views

TOTOLINK A3300R 命令注入漏洞

The TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R informEnable parameter, which stems from the cstecgi.cgi file failing to properly validate the informEnable parameter and can be exploited by an attacke...

6.5CVSS6AI score0.00279EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/23 12:0 a.m.3 views

CVE-2026-31168

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the recHour parameter to /cgi-bin/cstecgi.cgi...

6.1AI score0.00279EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/23 12:0 a.m.3 views

CVE-2026-31177

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunMinAlive parameter to /cgi-bin/cstecgi.cgi...

9.8CVSS6.1AI score0.00599EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/23 12:0 a.m.28 views

CVE-2026-31181

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunServerAddr parameter to /cgi-bin/cstecgi.cgi...

0.00578EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.11 views

PT-2026-34717

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557 B20221024 allowing attackers to execute arbitrary commands via the interval parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/23 12:0 a.m.4 views

CVE-2026-31171

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the url parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.6 views

PT-2026-34670

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557 B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References2
CVE
CVE
added 2026/04/23 12:0 a.m.15 views

CVE-2026-31172

The CVE-2026-31172 entry concerns ToToLink A3300R firmware, version 17.0.0cu.557_B20221024. The issue is a command injection in the CGI interface: attacker-controlled input in the user parameter to /cgi-bin/cstecgi.cgi can lead to arbitrary command execution on the device. According to the NVD en...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/04/23 12:0 a.m.14 views

CVE-2026-31162

Summary: CVE-2026-31162 affects ToToLink A3300R firmware. The issue is a command-injection problem in the web interface: an attacker can execute arbitrary commands via the ttlWay parameter to /cgi-bin/cstecgi.cgi in firmware version v17.0.0cu.557_B20221024. The CVSS 3.1 vector indicates network a...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/04/23 12:0 a.m.10 views

CVE-2026-31174

CVE-2026-31174 describes a command-injection vulnerability in ToToLink A3300R firmware 17.0.0cu.557_B20221024. An attacker can exploit the vulnerability by supplying crafted input to the informEnable parameter of the web CGI endpoint /cgi-bin/cstecgi.cgi, potentially executing arbitrary commands ...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2026/04/23 12:0 a.m.11 views

CVE-2026-31169

CVE-2026-31169 affects ToToLink A3300R firmware v17.0.0cu.557_B20221024. The issue allows attackers to execute arbitrary commands via the week parameter to /cgi-bin/cstecgi.cgi, with network access and no privileges required (CVSS 3.1: 6.5, Low confidentiality/integrity impact, no availability im...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/23 12:0 a.m.5 views

CVE-2026-31179

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunPort parameter to /cgi-bin/cstecgi.cgi...

6.1AI score0.00279EPSS
Exploits1References1
CVE
CVE
added 2026/04/23 12:0 a.m.8 views

CVE-2026-31167

CVE-2026-31167 affects ToToLink A3300R firmware v17.0.0cu.557_B20221024. The issue is arbitrary commands execution via the mode parameter to /cgi-bin/cstecgi.cgi. Reported CVSS 3.1 base score 6.5 (Network, low complexity, no privileges required, user interaction not required). The connected sourc...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.5 views

PT-2026-34675

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557 B20221024 allowing attackers to execute arbitrary commands via the stunMinAlive parameter to /cgi-bin/cstecgi.cgi...

9.8CVSS6.1AI score0.00599EPSS
Exploits1References2
Rows per page
Query Builder