CNNVD-202510-3617 Information

CNNVD ID

CNNVD-202510-3617

Related CVE

CVE-2025-12241

• CNNVD Published: 2025-10-27

Description (Chinese)

TOTOLINK A3300R是中国吉翁电子（TOTOLINK）公司的一款无线路由器。 TOTOLINK A3300R 17.0.0cu.557_B20221024版本存在安全漏洞，该漏洞源于对文件/cgi-bin/cstecgi.cgi中参数lang的错误操作，可能导致栈缓冲区溢出。

Description (English)

TOTOLINK A3300R is a wireless router of the Chinese company TOTOLINK. A 17.0.0cu.557 B20221024 contains a security loophole that stems from an error in the lang of the parameter in document/cgi-bin/cstecgi.cgi, which could lead to the spilling out of the fence.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

吉翁电子

Published

2025-10-27

Last Modified

2026-02-24

References

https://github.com/noahze01/IoT-vulnerable/blob/main/TOTOLink/A3300R/setLanguageCfg.md https://vuldb.com/?ctiid.329911 https://vuldb.com/?id.329911 https://vuldb.com/?submit.673723 https://www.totolink.net/

Patch

https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/241/ids/36.html