CVE-2026-3301 | Totolink N300RH 6.1c.1353_B20190305 Web Management Interface /cgi-bin/cstecgi.cgi setWebWlanIdx webWlanIdx os command injection

Inserito da Angelo Barbosa | Feb 26, 2026 | CVE

A vulnerability marked as critical has been reported in Totolink N300RH 6.1c.1353_B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument webWlanIdx results in os command injection.

This vulnerability is identified as CVE-2026-3301. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2026-3301 | Totolink N300RH 6.1c.1353_B20190305 Web Management Interface /cgi-bin/cstecgi.cgi setWebWlanIdx webWlanIdx os command injection

Post correlati

CVE-2023-38019 | IBM SOAR QRadar Plugin App up to 5.0.3 URL path traversal (XFDB-260575)

CVE-2023-6943 | Mitsubishi Electric EZSocket unknown vulnerability

CVE-2023-49438 | Flask-Security-Too up to 5.3.2 on Python URL /login next redirect

CVE-2019-25256 | VideoFlow Digital Video Protection DVP 1.40.0.15/2.10/2.10.0.5 downloadsys.pl ID path traversal (Exploit 44386 / EDB-44386)