Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-6919
Use after free in DevTools in Google Chrome prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVSS Score
9.6
EPSS Score
0.001
Published
2026-04-23
CVE-2026-6920
Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVSS Score
9.6
EPSS Score
0.001
Published
2026-04-23
CVE-2026-6921
Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)
CVSS Score
8.3
EPSS Score
0.001
Published
2026-04-23
CVE-2026-31178
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunMaxAlive parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-04-23
CVE-2026-31179
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunPort parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-04-23
CVE-2026-31181
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunServerAddr parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
9.8
EPSS Score
0.001
Published
2026-04-23
CVE-2026-31159
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
6.5
EPSS Score
0.002
Published
2026-04-23
CVE-2026-31160
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the provider parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
6.5
EPSS Score
0.002
Published
2026-04-23
CVE-2026-31164
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the pppoeMtu parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
6.5
EPSS Score
0.002
Published
2026-04-23
CVE-2026-31165
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the pppoeServiceName parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
6.5
EPSS Score
0.002
Published
2026-04-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved