CVE-2026-5020 in Totolink A3600Rinformación

Resumen (Inglés)

A vulnerability was detected in Totolink A3600R 4.1.2cu.5182_B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched remotely. The exploit is now public and may be used.

Divulgación

2026-03-29

Voces

ID	Vulnerabilidad	CWE	Base	Temp	0day	Hoy	Exp	KEV	EPSS	CTI	Con	CVE
353905	Totolink A3600R Parameter cstecgi.cgi setNoticeCfg escalada de privilegios	77	6.3	5.7	$0-$5k	$0-$5k	Prueba de concepto		0.02949	2.08	No está definido	CVE-2026-5020

Mostrar más

Descripción
Cambios
Inteligencia de amenazas
API/JSON

◂ AnteriorVisión De ConjuntoPróximo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!