CVE-2026-5102 in Totolink A3300R
요약 (영어)
A security flaw has been discovered in Totolink A3300R 17.0.0cu.557_b20221024. This vulnerability affects the function setSmartQosCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument qos_up_bw results in command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.
공개
2026. 03. 30.
엔트리
| 게시됨 | 기본 | 임시 | 취약성 | CWE | 제품 | 악용 | 대책 | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 2026. 03. 29. | 6.3 | 5.7 | Totolink A3300R Parameter cstecgi.cgi setSmartQosCfg 권한 상승 | 77 | 알 수 없음 | 개념 증명 | 정의되지 않음 | 0.00000 | 4.91- | CVE-2026-5102 |