A vulnerability classified as critical has been found in Totolink A3300R 17.0.0cu.557 . This affects an unknown function of the file /cgi-bin/cstecgi.cgi . Performing a manipulation of the argument provider results in command injection. This vulnerability is cataloged as CVE-2026-31160 . It is possible to initiate the attack remotely. There is no exploit available.