Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-31160
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the provider parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
6.5
EPSS Score
0.002
Published
2026-04-23
CVE-2026-31164
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the pppoeMtu parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
6.5
EPSS Score
0.002
Published
2026-04-23
CVE-2026-31165
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the pppoeServiceName parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
6.5
EPSS Score
0.002
Published
2026-04-23
CVE-2026-31171
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the url parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
6.5
EPSS Score
0.002
Published
2026-04-23
CVE-2026-31172
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the user parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
6.5
EPSS Score
0.002
Published
2026-04-23
CVE-2026-31174
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the informEnable parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
6.5
EPSS Score
0.002
Published
2026-04-23
CVE-2026-31175
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunEnable parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
9.8
EPSS Score
0.003
Published
2026-04-23
CVE-2026-31176
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stun_user parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
6.5
EPSS Score
0.002
Published
2026-04-23
CVE-2026-31177
An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunMinAlive parameter to /cgi-bin/cstecgi.cgi.
CVSS Score
9.8
EPSS Score
0.003
Published
2026-04-23
CVE-2025-50229
Jizhicms v2.5.4 is vulnerable to SQL injection in the product editing module.
CVSS Score
9.8
EPSS Score
0.0
Published
2026-04-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved