CVE-2026-5176 | Totolink A3300R 17.0.0cu.557_b20221024 /cgi-bin/cstecgi.cgi setSyslogCfg provided command injection

A vulnerability, which was classified as critical, has been found in Totolink A3300R 17.0.0cu.557_b20221024. Affected is the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument provided results in command injection.

This vulnerability was named CVE-2026-5176. The attack may be initiated remotely. In addition, an exploit is available.VulDB Recent EntriesRead More