CNNVD-202601-3065 Information

CNNVD ID

CNNVD-202601-3065

Related CVE

CVE-2026-1149

• CNNVD Published: 2026-01-19

Description (Chinese)

TOTOLINK LR350是中国吉翁电子（TOTOLINK）公司的一款无线路由器。 TOTOLINK LR350 9.3.5u.6369_B20220309版本存在命令注入漏洞，该漏洞源于对文件/cgi-bin/cstecgi.cgi中参数ip的错误操作，可能导致命令注入。

Description (English)

TOTOLINK LR350 is a wireless router of the Chinese company TOTOLINK. TOTOLINK LR 350 9.3.5u.6369 B20220309 has a command-injecting loophole, which stems from an error in the ip parameter in document/cgi-bin/cstecgi.cgi, which may lead to the command-injection.

Hazard Level

High

Vulnerability Type

命令注入

Affected Vendor

吉翁电子

Published

2026-01-19

Last Modified

2026-02-24

References

https://lavender-bicycle-a5a.notion.site/TOTOLINK-LR350-setDiagnosisCfg-2e453a41781f800d9ba9c6da80b55276?source=copy_link https://vuldb.com/?ctiid.341742 https://vuldb.com/?id.341742 https://vuldb.com/?submit.735695 https://www.totolink.net/