Summary
| Parameter | Value |
|---|---|
| CVE ID | CVE-2026-31178 |
| Alert Source | GitHub Advisory - Critical Vulnerability |
| CVE Publication Year | 2026 |
| Date Published | 2026-04-23 |
| Vendor | TOTOLINK |
| Product | A3300R |
| CVSS Score | 9.8 (critical) |
| EPSS Score | No data |
| CISA KEV | No |
| Ransomware | Not confirmed |
Vulnerability Description
An issue was discovered in TOTOLINK A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stunMaxAlive parameter to /cgi-bin/cstecgi.cgi.
Required Actions
Check the TOTOLINK website for the latest firmware update and deploy it without delay. Until the update is applied, block remote access to the router’s administrative interface, place the device in an isolated VLAN, and monitor traffic to the /cgi-bin/cstecgi.cgi endpoint for suspicious POST requests.
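The monitoring step above can be sketched as follows. This is an added example, not code from the advisory or from TOTOLINK: it flags POST requests to /cgi-bin/cstecgi.cgi whose stunMaxAlive value is not a plain number. The record layout (`src`, `method`, `path`, `body`), the JSON or form-encoded body, and the numeric-value rule are assumptions. The sample records are constructed.

```python
import json
import re
from urllib.parse import parse_qs

ENDPOINT = "/cgi-bin/cstecgi.cgi"  # endpoint named in the advisory
PARAM = "stunMaxAlive"             # parameter named in the advisory
# Assumption: a legitimate value is a short decimal number, so anything else
# is flagged (allowlist) instead of hunting for specific bad characters.
SAFE_VALUE = re.compile(r"[0-9]{1,10}")

def extract_values(body):
    """Return the PARAM values found in a JSON or form-encoded body."""
    try:
        doc = json.loads(body)
    except ValueError:
        return parse_qs(body, keep_blank_values=True).get(PARAM, [])
    if isinstance(doc, dict) and PARAM in doc:
        return [str(doc[PARAM])]
    return []

def review(requests):
    """Return (source, reason) pairs for requests that need a closer look."""
    findings = []
    for req in requests:
        if req["method"] != "POST" or req["path"].split("?")[0] != ENDPOINT:
            continue
        values = extract_values(req["body"])
        if not values and PARAM in req["body"]:
            findings.append((req["src"], "parameter present, body unparseable"))
        for value in values:
            if not SAFE_VALUE.fullmatch(value):
                findings.append((req["src"], f"non-numeric {PARAM}: {value!r}"))
    return findings

# Constructed sample records (hypothetical capture format, documentation IPs).
SAMPLE = [
    {"src": "192.0.2.10", "method": "POST", "path": ENDPOINT,
     "body": '{"stunMaxAlive": "60"}'},
    {"src": "198.51.100.7", "method": "POST", "path": ENDPOINT,
     "body": '{"stunMaxAlive": "60;PLACEHOLDER"}'},
    {"src": "198.51.100.8", "method": "POST", "path": ENDPOINT,
     "body": "stunMaxAlive=60%3BPLACEHOLDER"},
    {"src": "192.0.2.11", "method": "GET", "path": "/index.html", "body": ""},
]

if __name__ == "__main__":
    for src, reason in review(SAMPLE):
        print(src, reason)
```

Request bodies do not appear in ordinary access logs, so the records have to come from a sensor that captures them, such as a reverse proxy or IDS placed in front of the device.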
Who Is Affected?
This vulnerability affects the TOTOLINK A3300R router with firmware version v17.0.0cu.557_B20221024. Check whether your organization uses this model and immediately deploy firmware updates and network mitigations.
