{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5176", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-30T18:53:39.769Z", "datePublished": "2026-03-31T01:15:13.970Z", "dateUpdated": "2026-03-31T15:33:16.783Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-31T01:15:13.970Z"}, "title": "Totolink A3300R cstecgi.cgi setSyslogCfg command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-74", "lang": "en", "description": "Injection"}]}], "affected": [{"vendor": "Totolink", "product": "A3300R", "versions": [{"version": "17.0.0cu.557_b20221024", "status": "affected"}], "cpes": ["cpe:2.3:o:totolink:a3300r_firmware:*:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in Totolink A3300R 17.0.0cu.557_b20221024. Affected is the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument provided results in command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-03-30T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-30T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-30T20:58:52.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "LvHW (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/vuln/354244", "name": "VDB-354244 | Totolink A3300R cstecgi.cgi setSyslogCfg command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/354244/cti", "name": "VDB-354244 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/779145", "name": "Submit #779145 | Totolink A3300R 17.0.0cu.557_b20221024 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/LvHongW/Vuln-of-totolink_A3300R/tree/main/A3300R_rtLogServer_cmd_inject", "tags": ["exploit"]}, {"url": "https://www.totolink.net/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-31T15:33:06.664773Z", "id": "CVE-2026-5176", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T15:33:16.783Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5176", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-31T15:33:06.664773Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T15:33:13.238Z"}}], "cna": {"title": "Totolink A3300R cstecgi.cgi setSyslogCfg command injection", "credits": [{"lang": "en", "type": "reporter", "value": "LvHW (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"cpes": ["cpe:2.3:o:totolink:a3300r_firmware:*:*:*:*:*:*:*:*"], "vendor": "Totolink", "product": "A3300R", "versions": [{"status": "affected", "version": "17.0.0cu.557_b20221024"}]}], "timeline": [{"lang": "en", "time": "2026-03-30T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-03-30T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-03-30T20:58:52.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/354244", "name": "VDB-354244 | Totolink A3300R cstecgi.cgi setSyslogCfg command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/354244/cti", "name": "VDB-354244 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/779145", "name": "Submit #779145 | Totolink A3300R 17.0.0cu.557_b20221024 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/LvHongW/Vuln-of-totolink_A3300R/tree/main/A3300R_rtLogServer_cmd_inject", "tags": ["exploit"]}, {"url": "https://www.totolink.net/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in Totolink A3300R 17.0.0cu.557_b20221024. Affected is the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument provided results in command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "Command Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-74", "description": "Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-31T01:15:13.970Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5176", "state": "PUBLISHED", "dateUpdated": "2026-03-31T15:33:16.783Z", "dateReserved": "2026-03-30T18:53:39.769Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-03-31T01:15:13.970Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:totolink:a3300r_firmware:17.0.0cu.557_b20221024:*:*:*:*:*:*:*", "matchCriteriaId": "DD39B647-3419-4C6D-A6A2-30F40822A27D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:totolink:a3300r:-:*:*:*:*:*:*:*", "matchCriteriaId": "7F723A73-4B32-4F9E-B5DA-80134D4711C1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A security flaw has been discovered in Totolink A3300R 17.0.0cu.557_b20221024. Affected is the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument provided results in command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks."}, {"lang": "es", "value": "Se ha descubierto una falla de seguridad en Totolink A3300R 17.0.0cu.557_b20221024. Afectada es la funci\u00f3n setSyslogCfg del archivo /cgi-bin/cstecgi.cgi. Realizar una manipulaci\u00f3n del argumento proporcionado resulta en inyecci\u00f3n de comandos. El ataque puede ser iniciado remotamente. El exploit ha sido publicado y puede ser utilizado para ataques."}], "id": "CVE-2026-5176", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-31T02:15:59.803", "references": [{"source": "cna@vuldb.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/LvHongW/Vuln-of-totolink_A3300R/tree/main/A3300R_rtLogServer_cmd_inject"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/submit/779145"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/vuln/354244"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required", "VDB Entry"], "url": "https://vuldb.com/vuln/354244/cti"}, {"source": "cna@vuldb.com", "tags": ["Product"], "url": "https://www.totolink.net/"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-77"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "17.0.0cu.557_b20221024"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "A3300R", "source": "cna", "vendor": "Totolink"}, "product": "a3300r", "vendor": "totolink"}], "analysis": {"en": {"generated_at": "2026-04-06T19:56:54.348863+00:00", "value": {"mitigation_remediation": ["Update the router to a firmware version that fixes the setSyslogCfg command injection.", "Disable remote Web management or restrict it to trusted IP ranges via the router\u2019s configuration or an external firewall.", "If a firmware update is not yet available, block HTTP access to /cgi-bin/cstecgi.cgi through the router\u2019s firewall or a network perimeter device.", "Monitor system logs for suspicious activity and consider implementing intrusion detection specific to command injection attempts."], "summary": {"action": "Immediate Patch", "impact": "Remote Command Execution via CGI Command Injection"}, "threat_synthesis": {"affected_systems": "This vulnerability is specific to the Totolink A3300R router, particularly those running firmware version 17.0.0cu.557_b20221024. Earlier firmware releases that contain the same implementation of setSyslogCfg are also potentially affected. The CPE identifiers for the affected product include cpe:2.3:o:totolink:a3300r_firmware:17.0.0cu.557_b20221024, which represents the vulnerable firmware configuration.", "description_and_impact": "A flaw in the Totolink A3300R router firmware 17.0.0cu.557_b20221024 allows an attacker to inject arbitrary shell commands through the setSyslogCfg function in the /cgi-bin/cstecgi.cgi script. Because the command is executed with the router\u2019s system privileges, successful exploitation can lead to full remote code execution, enabling an attacker to modify settings, retrieve configuration, or further compromise the device. The vulnerability arises from insufficient input validation and originates in the command injection weakness described by CWE-74 and the improper handling of system commands, CWE-77.", "risk_and_exploitability": "The CVSS score of 6.9 indicates moderate severity, while the EPSS score of 5% suggests a relatively low probability of exploitation in the wild. However, the flaw can be triggered remotely without authentication, as the attack vector relies on making HTTP requests to the vulnerable CGI endpoint. Because the exploit code has been publicly released, the risk to devices exposed to the internet or accessible to hostile local actors is significant. The vulnerability is not listed in the CISA KEV catalog, but its nature of unvalidated command injection makes it a typical example of the CWE vulnerabilities listed."}}}}, "created": "2026-03-31T19:56:35.957447+00:00", "updated": "2026-04-07T08:08:17.688512+00:00", "vendors": ["totolink", "totolink$PRODUCT$a3300r"]}