Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

31 matches found

RedhatCVE
RedhatCVEadded last week5 views

CVE-2026-31175

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunEnable parameter to /cgi-bin/cstecgi.cgi...

9.8CVSS5.9AI score0.00612EPSS
Exploits1References1
EUVD
EUVDadded 2026/04/23 6:33 p.m.5 views

EUVD-2026-25247

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stun-port parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00388EPSS
Exploits1References2
NVD
NVDadded 2026/04/23 6:16 p.m.1 views

CVE-2026-31179

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunPort parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS0.00388EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2026/04/23 12:0 a.m.3 views

CVE-2026-31162

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the ttlWay parameter to /cgi-bin/cstecgi.cgi...

6.1AI score0.00388EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2026/04/23 12:0 a.m.1 views

CVE-2026-31167

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the mode parameter to /cgi-bin/cstecgi.cgi...

6.1AI score0.00388EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2026/04/23 12:0 a.m.7 views

PT-2026-34717

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557 B20221024 allowing attackers to execute arbitrary commands via the interval parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00388EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/04/23 12:0 a.m.30 views

CVE-2026-31164

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the pppoeMtu parameter to /cgi-bin/cstecgi.cgi...

0.00388EPSS
Exploits1References1
ATTACKERKB
ATTACKERKBadded 2026/04/23 12:0 a.m.1 views

CVE-2026-31176

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the stunuser parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00388EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2026/04/23 12:0 a.m.2 views

PT-2026-34706

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557 B20221024 allowing attackers to execute arbitrary commands via the stunEnable parameter to /cgi-bin/cstecgi.cgi...

9.8CVSS6.1AI score0.00612EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/04/23 12:0 a.m.1 views

CVE-2026-31171

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the url parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00388EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/04/23 12:0 a.m.26 views

CVE-2026-31166

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the hour parameter to /cgi-bin/cstecgi.cgi...

0.00137EPSS
Exploits1References1
CNVD
CNVDadded 2026/04/08 12:0 a.m.0 views

Totolink A3300R Command Injection Vulnerability

The Totolink A3300R is a wireless router from Totolink. A command injection vulnerability exists in Totolink A3300R version 17.0.0cu.557b20221024, which originates from improper handling of the pptpPassThru parameter by the setVpnPassCfg function in the /cgi-bin/cstecgi.cgi file in the component...

8.8CVSS6.8AI score0.00595EPSS
Exploits1
Cvelist
Cvelistadded 2026/03/31 1:15 a.m.25 views

CVE-2026-5176 Totolink A3300R cstecgi.cgi setSyslogCfg command injection

A security flaw has been discovered in Totolink A3300R 17.0.0cu.557b20221024. Affected is the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument provided results in command injection. The attack may be initiated remotely. The exploit has been release...

7.5CVSS0.02279EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2026/03/31 12:0 a.m.3 views

PT-2026-29188

A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557 b20221024. Affected by this issue is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument vlanPriLan3 leads to command injection. Remote exploitation of the attack is possible. The...

6.5CVSS5.6AI score0.00595EPSS
Exploits1References6
CNNVD
CNNVDadded 2026/03/31 12:0 a.m.4 views

TOTOLINK A3300R 命令注入漏洞

TOTOLINK A3300R is a wireless router produced by TOTOLINK Corporation. The TOTOLINK A3300R version 17.0.0cu.557b20221024 contains a command injection vulnerability. This vulnerability arises from incorrect handling of the parameter “vlanPriLan3” in the file /cgi-bin/cstecgi.cgi, which may lead to...

8.8CVSS6.6AI score0.00595EPSS
Exploits1References5
EUVD
EUVDadded 2026/03/30 3:30 a.m.4 views

EUVD-2026-17053

A weakness has been identified in Totolink A3300R 17.0.0cu.557b20221024. This issue affects the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument enable causes command injection. The attack is possible to be carried out remotely. The exploit has been made...

8.8CVSS5.7AI score0.00595EPSS
Exploits1References6
CNNVD
CNNVDadded 2026/03/30 12:0 a.m.5 views

TOTOLINK A3300R 命令注入漏洞

TOTOLINK A3300R is a wireless router produced by TOTOLINK, a Chinese company. The TOTOLINK A3300R version 17.0.0cu.557b20221024 contains a command injection vulnerability. This vulnerability arises from incorrect handling of the parameter “ip” in the file /cgi-bin/cstecgi.cgi, which may lead to...

8.8CVSS6.6AI score0.00595EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2026/03/30 12:0 a.m.4 views

PT-2026-28756

Name of the Vulnerable Software and Affected Versions Totolink A3300R version 17.0.0cu.557 b20221024 Description A security flaw exists in the Totolink A3300R router. This issue involves a command injection impacting the setSmartQosCfg function within the /cgi-bin/cstecgi.cgi file of the Paramete...

6.5CVSS5.8AI score0.0232EPSS
Exploits1References8
Positive Technologies
Positive Technologiesadded 2026/03/30 12:0 a.m.1 views

PT-2026-28758

Name of the Vulnerable Software and Affected Versions Totolink A3300R version 17.0.0cu.557 b20221024 Description A security issue exists in Totolink A3300R version 17.0.0cu.557 b20221024. The setStaticRoute function within the /cgi-bin/cstecgi.cgi file is susceptible to command injection through...

6.5CVSS5.7AI score0.00595EPSS
Exploits1References7
Positive Technologies
Positive Technologiesadded 2025/10/27 12:0 a.m.3 views

PT-2025-43917

Name of the Vulnerable Software and Affected Versions TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description A flaw exists in TOTOLINK A3300R that could lead to a stack-based buffer overflow. The issue is located in the setOpModeCfg function within the /cgi-bin/cstecgi.cg file, specifically...

9CVSS6.8AI score0.00314EPSS
Exploits1References8
Rows per page
Query Builder