Totolink Wa300 Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Totolink Wa300 Firmware.
By the Year
In 2026 there have been 2 vulnerabilities in Totolink Wa300 Firmware with an average score of 6.3 out of ten.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 2 | 6.30 |
It may take a day or so for new Wa300 Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Totolink Wa300 Firmware Security Vulnerabilities
Totolink WA300 Remote OS Command Injection via setAPNetwork (5.2cu.7112)
CVE-2026-2167
6.3 - Medium
- February 08, 2026
A vulnerability was detected in Totolink WA300 5.2cu.7112_B20190227. The impacted element is the function setAPNetwork of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Ipaddr results in os command injection. The attack may be performed from remote. The exploit is now public and may be used.
Shell injection
TOTOLINK WA300 5.2cu.7112 cmd injection in cstecgi.cgi sub_401510
CVE-2026-0641
6.3 - Medium
- January 06, 2026
A security vulnerability has been detected in TOTOLINK WA300 5.2cu.7112_B20190227. This vulnerability affects the function sub_401510 of the file cstecgi.cgi. The manipulation of the argument UPLOAD_FILENAME leads to command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
Command Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Totolink Wa300 Firmware or by Totolink? Click the Watch button to subscribe.
