Totolink: >> A3300r Firmware >> 17.0.0cu.596_b20250515 Security Vulnerabilities
TOTOLINK A3300R V17.0.0cu.596_B20250515 is vulnerable to command injection in the function NTPSyncWithHost via the host_time parameter.
CVSS Score
6.5
EPSS Score
0.006
Published
2025-12-15
Totolink A3300R V17.0.0cu.596_B20250515 was found to contain a command injection vulnerability in the sub_4197C0 function via the mac and desc parameters. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request.
CVSS Score
9.8
EPSS Score
0.639
Published
2025-07-17