VYPR

A3300r Firmware

by Totolink

Source repositories

CVEs (32)

  • CVE-2026-31160MedApr 23, 2026
    risk 0.42cvss 6.5epss 0.00

    An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the provider parameter to /cgi-bin/cstecgi.cgi.

  • CVE-2026-31159MedApr 23, 2026
    risk 0.42cvss 6.5epss 0.00

    An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi.

  • CVE-2026-5178MedMar 31, 2026
    risk 0.41cvss 6.3epss 0.04

    A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_b20221024. Affected by this issue is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument vlanPriLan3 leads to command injection. Remote exploitation of the attack is…

  • CVE-2026-5177MedMar 31, 2026
    risk 0.41cvss 6.3epss 0.02

    A weakness has been identified in Totolink A3300R 17.0.0cu.557_b20221024. Affected by this vulnerability is the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument rxRate can lead to command injection. The attack may be launched…

  • CVE-2026-5105MedMar 30, 2026
    risk 0.41cvss 6.3epss 0.04

    A vulnerability was detected in Totolink A3300R 17.0.0cu.557_b20221024. The affected element is the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument pptpPassThru results in command injection. It…

  • CVE-2026-5104MedMar 30, 2026
    risk 0.41cvss 6.3epss 0.02

    A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_b20221024. Impacted is the function setStaticRoute of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ip leads to command injection. The attack may be performed from remote. The exploit…

  • CVE-2026-5103MedMar 30, 2026
    risk 0.41cvss 6.3epss 0.04

    A weakness has been identified in Totolink A3300R 17.0.0cu.557_b20221024. This issue affects the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument enable causes command injection. The attack is possible to be carried out remotely. The…

  • CVE-2026-5102MedMar 30, 2026
    risk 0.41cvss 6.3epss 0.02

    A security flaw has been discovered in Totolink A3300R 17.0.0cu.557_b20221024. This vulnerability affects the function setSmartQosCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument qos_up_bw results in command injection. The…

  • CVE-2026-5101MedMar 29, 2026
    risk 0.41cvss 6.3epss 0.02

    A vulnerability was identified in Totolink A3300R 17.0.0cu.557_b20221024. This affects the function setLanCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument lanIp leads to command injection. Remote exploitation of the attack…

  • CVE-2025-12260Oct 27, 2025
    risk 0.00cvss epss 0.01

    A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024. The impacted element is the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. Such manipulation of the argument enable leads to stack-based buffer overflow. It…

  • CVE-2025-12259Oct 27, 2025
    risk 0.00cvss epss 0.01

    A flaw has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow. It is…

  • CVE-2025-12258Oct 27, 2025
    risk 0.00cvss epss 0.01

    A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557_B20221024. Impacted is the function setOpModeCfg of the file /cgi-bin/cstecgi.cg of the component POST Parameter Handler. The manipulation of the argument opmode results in stack-based buffer overflow. The attack may…

Page 2 of 2