CVE-2026-5178 | Totolink A3300R 17.0.0cu.557_b20221024 /cgi-bin/cstecgi.cgi setIptvCfg vlanPriLan3 command injection

A vulnerability has been found in Totolink A3300R 17.0.0cu.557_b20221024 and classified as critical. Affected by this issue is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument vlanPriLan3 leads to command injection.

This vulnerability is referenced as CVE-2026-5178. Remote exploitation of the attack is possible. Furthermore, an exploit is available.VulDB Recent EntriesRead More