ГлавнаяУязвимости → CVE-2026-5176
7.3высокая

CVE-2026-5176

Описание

A security flaw has been discovered in Totolink A3300R 17.0.0cu.557_b20221024. Affected is the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument provided results in command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.

Затрагиваемое ПО
Totolink A3300r firmwareTotolink A3300r
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/LvHongW/Vuln-of-totolink_A3300R/tree/main/A3300R_rtLogServer_cmd_injecthttps://vuldb.com/submit/779145https://vuldb.com/vuln/354244https://vuldb.com/vuln/354244/ctihttps://www.totolink.net/