CVE-2026-5104: Command Injection in Totolink A3300R
A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_b20221024. Impacted is the function setStaticRoute of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ip leads to command injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
AI Analysis
Technical Summary
The Totolink A3300R router firmware 17.0.0cu.557_b20221024 contains a command injection vulnerability in the setStaticRoute function of /cgi-bin/cstecgi.cgi. By manipulating the ip parameter, an attacker can execute arbitrary commands remotely. The vulnerability is remotely exploitable without authentication or user interaction, but with low complexity and limited scope. The CVSS 4.0 score of 5.3 reflects a medium severity impact. There is no information on available patches or vendor advisories, and no known active exploitation has been reported.
Potential Impact
Successful exploitation allows remote attackers to execute arbitrary commands on the affected device, potentially compromising the router's integrity and control. This could lead to unauthorized configuration changes or further network compromise. However, the medium CVSS score and lack of known exploits suggest limited immediate widespread impact.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict remote access to the router's management interface and monitor for unusual activity related to the setStaticRoute function. Avoid exposing the device's administrative interface to untrusted networks.
CVE-2026-5104: Command Injection in Totolink A3300R
Description
A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_b20221024. Impacted is the function setStaticRoute of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ip leads to command injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Totolink A3300R router firmware 17.0.0cu.557_b20221024 contains a command injection vulnerability in the setStaticRoute function of /cgi-bin/cstecgi.cgi. By manipulating the ip parameter, an attacker can execute arbitrary commands remotely. The vulnerability is remotely exploitable without authentication or user interaction, but with low complexity and limited scope. The CVSS 4.0 score of 5.3 reflects a medium severity impact. There is no information on available patches or vendor advisories, and no known active exploitation has been reported.
Potential Impact
Successful exploitation allows remote attackers to execute arbitrary commands on the affected device, potentially compromising the router's integrity and control. This could lead to unauthorized configuration changes or further network compromise. However, the medium CVSS score and lack of known exploits suggest limited immediate widespread impact.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict remote access to the router's management interface and monitor for unusual activity related to the setStaticRoute function. Avoid exposing the device's administrative interface to untrusted networks.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-03-29T17:50:53.126Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 69c9e219e6bfc5ba1d89ce55
Added to database: 3/30/2026, 2:38:17 AM
Last enriched: 4/6/2026, 6:41:08 AM
Last updated: 5/14/2026, 10:36:38 AM
Views: 89
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.