A3300R Firmware CVE Vulnerabilities

By Totolink9 known vulnerabilities

Critical
1
High
0
Medium
8
Low
0
None
0

All A3300R Firmware CVEs

Recent Highest Score Oldest
CVE-2026-31176
6.5 medium

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stun_user parameter to /cgi-bin/cstecgi.cgi.

Apr 23, 2026
CVE-2026-31175
9.8 critical

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunEnable parameter to /cgi-bin/cstecgi.cgi.

Apr 23, 2026
CVE-2026-31174
6.5 medium

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the informEnable parameter to /cgi-bin/cstecgi.cgi.

Apr 23, 2026
CVE-2026-31172
6.5 medium

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the user parameter to /cgi-bin/cstecgi.cgi.

Apr 23, 2026
CVE-2026-31171
6.5 medium

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the url parameter to /cgi-bin/cstecgi.cgi.

Apr 23, 2026
CVE-2026-31165
6.5 medium

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the pppoeServiceName parameter to /cgi-bin/cstecgi.cgi.

Apr 23, 2026
CVE-2026-31164
6.5 medium

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the pppoeMtu parameter to /cgi-bin/cstecgi.cgi.

Apr 23, 2026
CVE-2026-31160
6.5 medium

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the provider parameter to /cgi-bin/cstecgi.cgi.

Apr 23, 2026
CVE-2026-31159
6.5 medium

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi.

Apr 23, 2026