A vulnerability was found in Totolink A3300R 17.0.0cu.557_B20221024 . It has been rated as critical . This affects an unknown part of the file /cgi-bin/cstecgi.cgi . Performing a manipulation of the argument stunServerAddr results in command injection. This vulnerability was named CVE-2026-31181 . The attack may be initiated remotely. There is no available exploit.