3 matches found
TOTOLINK A3300R dhcpMtu Parameter Command Injection Vulnerability
TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R dhcpMtu parameter, which can be exploited by an attacker to execute arbitrary commands by sending a specially crafted request to /cgi-bin/cstecgi.cgi...
EUVD-2026-25255
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the dhcpMtu parameter to /cgi-bin/cstecgi.cgi...
CVE-2026-31163
The CVE-2026-31163 entry concerns ToToLink A3300R firmware (v17.0.0cu.557_B20221024) where an attacker can execute arbitrary commands by supplying a crafted dhcpMtu parameter to /cgi-bin/cstecgi.cgi. The vulnerability is indicated with a CVSS v3.1 base score of 6.5 (Network, Low privileges requir...