A vulnerability, which was classified as critical , has been found in Totolink A3300R 17.0.0cu.557_B20221024 . Affected is an unknown function of the file /cgi-bin/cstecgi.cgi . The manipulation of the argument pppoeMtu leads to command injection. This vulnerability is documented as CVE-2026-31164 . The attack can be initiated remotely. There is not any exploit available.