A vulnerability labeled as critical has been found in Totolink A3300R 17.0.0cu.557_B20221024 . Impacted is an unknown function of the file /cgi-bin/cstecgi.cgi . The manipulation of the argument stun-user results in command injection. This vulnerability is identified as CVE-2026-31176 . The attack can be executed remotely. There is not any exploit available.