Platform: other
Component: vuln-of-totolink_a3300r
Fixed in: 17.0.1
CVE-2026-5103 describes a Command Injection vulnerability discovered in the Totolink A3300R firmware. This flaw allows a remote attacker to inject arbitrary commands by manipulating the 'enable' argument within the /cgi-bin/cstecgi.cgi file. The vulnerability impacts firmware version 17.0.0cu.557_b20221024 and a public exploit is already available, increasing the risk of immediate exploitation. Mitigation involves firmware upgrades or implementing network security controls.
Successful exploitation of CVE-2026-5103 allows an attacker to execute arbitrary commands on the affected Totolink A3300R router with system privileges. This could lead to complete compromise of the device, including data exfiltration, configuration modification, and potentially, lateral movement within the network. Given the publicly available exploit, the risk of immediate exploitation is high. An attacker could leverage this vulnerability to establish a persistent backdoor, monitor network traffic, or launch attacks against other systems on the same network. The blast radius extends to any systems accessible from the compromised router.
CVE-2026-5103 is a critical vulnerability due to the availability of a public exploit. The exploit's public release significantly increases the likelihood of widespread exploitation. While an EPSS score is not yet available, the public exploit suggests a high probability of exploitation. The vulnerability was publicly disclosed on 2026-03-30. Monitor security advisories from Totolink for updates and patch releases.
Exploit Status
EPSS: 2.16% (84th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-5103 is to upgrade the Totolink A3300R firmware to a patched version as soon as it becomes available. Until a patch is released, consider implementing a Web Application Firewall (WAF) to filter malicious requests targeting the /cgi-bin/cstecgi.cgi endpoint. Specifically, block requests containing suspicious characters or patterns in the 'enable' parameter. Network segmentation can also limit the potential impact of a successful attack by restricting access to the router from untrusted networks. Monitor router logs for unusual command execution activity. After upgrade, confirm by attempting to trigger the vulnerable command and verifying it is blocked or handled safely.
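The WAF-style filtering and log monitoring described above, as an added example that is not part of this advisory or any vendor tooling: it scans constructed access-log lines for requests to /cgi-bin/cstecgi.cgi whose 'enable' parameter carries shell metacharacters or anything outside a strict allow-list. It assumes the parameter appears in the logged request line and that a legitimate value is a 0/1 flag (both assumptions); double URL-encoding is decoded so that encoded metacharacters are not missed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Endpoint and parameter named in the advisory.
TARGET_PATH = "/cgi-bin/cstecgi.cgi"
TARGET_PARAM = "enable"

# Shell metacharacters that have no business in a boolean-style flag.
SHELL_META = re.compile(r"[;&|`$(){}<>\n\\]")

# Allow-list for a legitimate value (assumption: 'enable' is a 0/1 flag).
ALLOWED_VALUE = re.compile(r"^[01]$")

# Common log format: client - - [time] "METHOD request HTTP/x" status size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

def inspect_request(raw_request: str):
    """Return a reason string if the request looks like an injection attempt
    against the 'enable' parameter of cstecgi.cgi, otherwise None."""
    parts = urlsplit(raw_request)
    if parts.path != TARGET_PATH:
        return None
    query = parse_qs(parts.query, keep_blank_values=True)
    for value in query.get(TARGET_PARAM, []):
        # parse_qs already decoded once; decoding again catches double-encoding.
        decoded = unquote(value)
        if SHELL_META.search(decoded):
            return f"shell metacharacter in {TARGET_PARAM}={decoded!r}"
        if not ALLOWED_VALUE.match(decoded):
            return f"unexpected {TARGET_PARAM} value {decoded!r}"
    return None

def flag_suspicious(log_lines):
    """Scan access-log lines; return (client_ip, reason) for each suspicious hit."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, _method, request, _status = m.groups()
        reason = inspect_request(request)
        if reason:
            hits.append((client, reason))
    return hits

# Constructed sample log lines (not captured from a real device).
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Mar/2026:10:00:01 +0000] "POST /cgi-bin/cstecgi.cgi?enable=1 HTTP/1.1" 200 512',
    '192.0.2.11 - - [30/Mar/2026:10:00:02 +0000] "POST /cgi-bin/cstecgi.cgi?enable=1%3Bid HTTP/1.1" 200 512',
    '192.0.2.12 - - [30/Mar/2026:10:00:03 +0000] "GET /index.htm?enable=1;id HTTP/1.1" 200 1024',
    '192.0.2.13 - - [30/Mar/2026:10:00:04 +0000] "POST /cgi-bin/cstecgi.cgi?enable=%2531%253Bid HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for client, reason in flag_suspicious(SAMPLE_LOG):
        print(client, reason)
```

Only the two cstecgi.cgi requests carrying a decoded `;` are flagged; the same check applied to a different endpoint or to a plain `enable=1` stays silent.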
Update the Totolink A3300R router firmware to a version later than 17.0.0cu.557_b20221024 to mitigate the command injection vulnerability. Refer to the vendor's website for the latest firmware version and update instructions.
CVE-2026-5103 is a Command Injection vulnerability affecting Totolink A3300R firmware, allowing remote attackers to execute commands. It has a medium severity rating (CVSS 6.3).
You are affected if you are using Totolink A3300R firmware version 17.0.0cu.557_b20221024. Check your firmware version and upgrade if possible.
Upgrade your Totolink A3300R firmware to a patched version as soon as it's available. Implement WAF rules as a temporary mitigation.
Yes, a public exploit is available, indicating a high probability of active exploitation.
Refer to the Totolink security advisories page for updates and official information regarding CVE-2026-5103.