CVE-2026-5102 in Totolink A3300Rinformation

Résumé (Anglaise)

A security flaw has been discovered in Totolink A3300R 17.0.0cu.557_b20221024. This vulnerability affects the function setSmartQosCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument qos_up_bw results in command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.

Divulgation

30/03/2026

Entrées

Publié	Base	Temp	Vulnérabilité	CWE	Prod	Exp	Con	EPSS	CTI	CVE
29/03/2026	6.3	5.7	Totolink A3300R Parameter cstecgi.cgi setSmartQosCfg élévation de privilèges	77	Inconnu	Preuve de concept	Non défini	0.00000	4.74	CVE-2026-5102

Montrer plus

Description
Changements
Renseignements sur les menaces
API/JSON

◂ PrécédentAperçuSuivant ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!