CVE-2026-31164 | Totolink A3300R 17.0.0cu.557_B20221024 /cgi-bin/cstecgi.cgi pppoeMtu command injection

Inserito da Angelo Barbosa | Apr 23, 2026 | CVE

A vulnerability, which was classified as critical, has been found in Totolink A3300R 17.0.0cu.557_B20221024. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pppoeMtu leads to command injection.

This vulnerability is documented as CVE-2026-31164. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-31164 | Totolink A3300R 17.0.0cu.557_B20221024 /cgi-bin/cstecgi.cgi pppoeMtu command injection

Post correlati

CVE-2024-32668 | FreeBSD USB off-by-one

CVE-2025-5894 | Honding Smart Parking Management System up to 1.4 authorization

CVE-2024-49283 | VillaTheme CURCY Plugin up to 2.2.3 on WordPress cross site scripting

CVE-2025-57520 | Decap CMS up to 3.8.3 Content Preview Pane body/tags/title/description cross site scripting