VYPR

WA300

by Totolink

Source repositories

CVEs (7)

  • CVE-2026-7719CriMay 4, 2026
    risk 0.64cvss 9.8epss 0.01

    A security flaw has been discovered in Totolink WA300 5.2cu.7112_B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument http_host results in buffer overflow. The attack…

  • CVE-2026-7717HigMay 4, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument File can lead to buffer overflow. The attack…

  • CVE-2026-4497HigMar 20, 2026
    risk 0.48cvss 7.3epss 0.02

    A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. Affected by this issue is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi. This manipulation causes os command injection. Remote exploitation of the attack is possible. The exploit has been…

  • CVE-2026-7721MedMay 4, 2026
    risk 0.41cvss 6.3epss 0.01

    A security vulnerability has been detected in Totolink WA300 5.2cu.7112_B20190227. This affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument hostTime leads to command injection. The attack can be executed remotely. The exploit…

  • CVE-2026-7720MedMay 4, 2026
    risk 0.41cvss 6.3epss 0.01

    A weakness has been identified in Totolink WA300 5.2cu.7112_B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument langType causes command injection. Remote…

  • CVE-2026-7718MedMay 4, 2026
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was identified in Totolink WA300 5.2cu.7112_B20190227. Impacted is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument webWlanIdx leads to command injection. The attack may be…

  • CVE-2026-0641MedJan 6, 2026
    risk 0.41cvss 6.3epss 0.02

    A security vulnerability has been detected in TOTOLINK WA300 5.2cu.7112_B20190227. This vulnerability affects the function sub_401510 of the file cstecgi.cgi. The manipulation of the argument UPLOAD_FILENAME leads to command injection. The attack may be initiated remotely. The…