UNKNOWNCVE-2026-5103
Totolink A3300R cstecgi.cgi setUPnPCfg command injection
Platform
other
Component
vuln-of-totolink_a3300r
A weakness has been identified in Totolink A3300R 17.0.0cu.557_b20221024. This issue affects the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument enable causes command injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks.
How to fix
Actualice el firmware del router Totolink A3300R a una versión posterior a 17.0.0cu.557_b20221024 para mitigar la vulnerabilidad de inyección de comandos. Consulte el sitio web del proveedor para obtener la última versión del firmware y las instrucciones de actualización.
Monitor your dependencies automatically
Get notified when new vulnerabilities affect your projects. Free forever.
Start free