Totolink

Wa300 Firmware

8 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.3

CVE-2026-7721

  • EPSS 4.84%
  • Veröffentlicht 04.05.2026 03:16:12
  • Zuletzt bearbeitet 04.05.2026 15:18:40

A security vulnerability has been detected in Totolink WA300 5.2cu.7112_B20190227. This affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument hostTime leads to command injection. The attack can be ex...

6.3

CVE-2026-7718

  • EPSS 3.75%
  • Veröffentlicht 04.05.2026 02:15:58
  • Zuletzt bearbeitet 04.05.2026 15:18:40

A vulnerability was identified in Totolink WA300 5.2cu.7112_B20190227. Impacted is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument webWlanIdx leads to command injecti...

9.8

CVE-2026-7719

  • EPSS 0.1%
  • Veröffentlicht 04.05.2026 02:15:58
  • Zuletzt bearbeitet 04.05.2026 15:18:40

A security flaw has been discovered in Totolink WA300 5.2cu.7112_B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument http_host results in b...

6.3

CVE-2026-7720

  • EPSS 4.84%
  • Veröffentlicht 04.05.2026 02:15:58
  • Zuletzt bearbeitet 04.05.2026 15:18:40

A weakness has been identified in Totolink WA300 5.2cu.7112_B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument langType causes comma...

8.8

CVE-2026-7717

Exploit
  • EPSS 0.09%
  • Veröffentlicht 04.05.2026 01:00:23
  • Zuletzt bearbeitet 04.05.2026 15:18:40

A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument File can lead t...

9.8

CVE-2026-4497

Exploit
  • EPSS 0.73%
  • Veröffentlicht 20.03.2026 19:16:20
  • Zuletzt bearbeitet 29.04.2026 01:00:01

A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. Affected by this issue is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi. This manipulation causes os command injection. Remote exploitation of the attack is possi...

8.8

CVE-2026-2167

Exploit
  • EPSS 0.41%
  • Veröffentlicht 08.02.2026 17:15:58
  • Zuletzt bearbeitet 29.04.2026 01:00:01

A vulnerability was detected in Totolink WA300 5.2cu.7112_B20190227. The impacted element is the function setAPNetwork of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Ipaddr results in os command injection. The attack may be perfor...

8.8

CVE-2026-0641

Exploit
  • EPSS 2.12%
  • Veröffentlicht 06.01.2026 19:16:07
  • Zuletzt bearbeitet 29.04.2026 01:00:01

A security vulnerability has been detected in TOTOLINK WA300 5.2cu.7112_B20190227. This vulnerability affects the function sub_401510 of the file cstecgi.cgi. The manipulation of the argument UPLOAD_FILENAME leads to command injection. The attack may...