CVE-2026-3301
Received Received - Intake
Remote OS Command Injection in Totolink N300RH Web Interface

Publication date: 2026-02-27

Last updated on: 2026-02-27

Assigner: VulDB

Description
A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument webWlanIdx results in os command injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-27
Last Modified
2026-02-27
Generated
2026-05-07
AI Q&A
2026-02-27
EPSS Evaluated
2026-05-05
NVD
CVE-2026-3301
EUVD
EUVD-2026-9003
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
totolink n300rh_firmware 6.1c.1349_b20181018
totolink n300rh_firmware 6.1c.1353_b20190305
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in the Totolink N300RH router, specifically in the setWebWlanIdx function of the Web Management Interface component located in the /cgi-bin/cstecgi.cgi file.

An attacker can manipulate the argument webWlanIdx to perform an OS command injection, which means they can execute arbitrary operating system commands on the device.

The attack can be initiated remotely without any authentication, making it highly dangerous.

Additionally, the exploit code for this vulnerability has been publicly released, increasing the risk of attacks.


How can this vulnerability impact me? :

This vulnerability can have severe impacts because it allows remote attackers to execute arbitrary operating system commands on the affected device.

Such control can lead to unauthorized access, data theft, device manipulation, or disruption of network services.

Since the exploit requires no authentication and can be performed remotely, it significantly increases the risk of compromise.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

I don't know


What immediate steps should I take to mitigate this vulnerability?

I don't know


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart