Platform: other
Component: vuln-of-totolink_a3300r
Fixed in: 17.0.1
CVE-2026-5105 describes a Command Injection vulnerability discovered in the Totolink A3300R firmware. This flaw allows attackers to execute arbitrary commands on the device, potentially leading to complete system compromise. The vulnerability affects firmware version 17.0.0cu.557_b20221024. A patch is expected, and temporary mitigation strategies are available.
The command injection vulnerability in Totolink A3300R firmware presents a significant security risk. An attacker can leverage this flaw to execute arbitrary system commands remotely, bypassing standard authentication mechanisms. This could lead to complete compromise of the router, including data exfiltration, modification of system configurations, and installation of malicious software. The attacker could potentially pivot from the router to other devices on the network, expanding the blast radius of the attack. Given the public availability of an exploit, the risk of exploitation is elevated, and organizations relying on this router should prioritize remediation.
CVE-2026-5105 is publicly known and an exploit is already available, significantly increasing the likelihood of exploitation. The vulnerability was published on 2026-03-30. The EPSS score is likely to be assessed as medium or high due to the public exploit and remote accessibility. Monitor security advisories from Totolink and relevant threat intelligence feeds for updates and potential active campaigns targeting this vulnerability. Refer to the NVD entry for further details and potential updates.
Organizations and individuals using the Totolink A3300R router with the affected firmware version are at risk. This includes small businesses, home users, and managed service providers who deploy this router in their networks. Shared hosting environments utilizing this router are particularly vulnerable due to the potential for cross-tenant exploitation.
• linux / server:
journalctl -u totolink_router -g "cstecgi.cgi"
• generic web:
curl -s -I 'http://<router_ip>/cgi-bin/cstecgi.cgi?pptpPassThru=<malicious_payload>' | grep 'HTTP/1.1 500' # Check for error responses indicating command execution
EPSS: 2.16% (84th percentile)
Because no fixed version has been provided, immediate mitigation steps are crucial. First, isolate the affected Totolink A3300R routers from external networks to prevent remote exploitation. Implement strict firewall rules to restrict access to the /cgi-bin/cstecgi.cgi endpoint. Consider deploying a Web Application Firewall (WAF) with rules that filter potentially malicious input in the pptpPassThru parameter, specifically looking for command injection payloads. Monitor router logs for suspicious activity, such as unexpected command executions. Regularly review and harden router configurations, disabling unnecessary services and features. After applying these mitigations, verify their effectiveness by attempting to access the vulnerable endpoint with benign test payloads.
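The log-monitoring and input-filtering advice above can be sketched as an allow-list check over access logs. This is an added example, not Totolink or vendor code. It assumes a reverse proxy in front of the router writes combined-format access logs, that pptpPassThru arrives in the query string as in the curl check above, and that legitimate values are short alphanumeric flags. The log lines are constructed samples.

```python
import re
from urllib.parse import urlsplit, parse_qs

PARAM = "pptpPassThru"
# Assumption: a legitimate value is a short alphanumeric flag such as "0" or "1".
SAFE_VALUE = re.compile(r"[A-Za-z0-9]{1,16}")
# Request line inside a combined-format access log entry.
REQUEST = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')

def suspicious_values(target):
    """Return decoded pptpPassThru values that fail the allow-list."""
    parts = urlsplit(target)
    # endswith() also catches variants such as a doubled leading slash.
    if not parts.path.endswith("/cstecgi.cgi"):
        return []
    # Split on '&' only, so a raw ';' cannot hide the rest of a value.
    query = parse_qs(parts.query, keep_blank_values=True, separator="&")
    return [v for v in query.get(PARAM, []) if not SAFE_VALUE.fullmatch(v)]

def scan(lines):
    """Return (line number, client address, offending values) per flagged entry."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        bad = suspicious_values(match.group("target"))
        if bad:
            hits.append((number, line.split()[0], bad))
    return hits

# Constructed sample entries (documentation address ranges).
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Mar/2026:10:00:01 +0000] "GET /cgi-bin/cstecgi.cgi?pptpPassThru=1 HTTP/1.1" 200 52',
    '198.51.100.7 - - [30/Mar/2026:10:00:05 +0000] "GET /cgi-bin/cstecgi.cgi?pptpPassThru=1%3Becho%20test HTTP/1.1" 500 0',
    '198.51.100.7 - - [30/Mar/2026:10:00:09 +0000] "GET /cgi-bin/cstecgi.cgi?pptpPassThru=%60x%60 HTTP/1.1" 500 0',
    '192.0.2.10 - - [30/Mar/2026:10:00:12 +0000] "GET /index.html?pptpPassThru=a%3Bb HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for number, client, values in scan(SAMPLE_LOG):
        print(f"line {number}: {client} sent non-conforming {PARAM}={values!r}")
```

Because the check is an allow-list on the decoded value, double-encoded input is also flagged: the leftover percent sign fails the pattern.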
Update the Totolink A3300R router firmware to a version later than 17.0.0cu.557_b20221024 provided by the manufacturer. Check the vendor's website for the latest firmware version and update instructions.
CVE-2026-5105 is a Command Injection vulnerability affecting Totolink A3300R routers running firmware version 17.0.0cu.557_b20221024. It allows attackers to execute commands on the device remotely.
You are affected if you are using a Totolink A3300R router with firmware version 17.0.0cu.557_b20221024. Check your router's firmware version and upgrade if possible.
The recommended fix is to upgrade to a patched firmware version from Totolink. Until a patch is available, implement WAF rules to block malicious requests.
Yes, an exploit for CVE-2026-5105 is publicly available, indicating a high probability of active exploitation.
Please refer to the Totolink website or security advisories for the official advisory regarding CVE-2026-5105.