Impact
The vulnerability exists in the WA300’s cstecgi.cgi script, where the UPLOAD_FILENAME argument is not properly validated in the sub_401510 function. A maliciously crafted value can be used to inject arbitrary OS commands that are executed by the router’s shell. This can compromise confidentiality, integrity, and availability of the device.
Affected Systems
The issue affects TOTOLINK WA300 routers running firmware 5.2cu.7112_B20190227. Only the cstecgi.cgi component of the web‑management interface is involved. No other firmware versions or products are listed as impacted.
Risk and Exploitability
The CVSS base score is 5.3, indicating moderate severity, while an EPSS of 2 % suggests a low‑to‑moderate likelihood of exploitation. The vulnerability can be triggered remotely by sending a crafted HTTP request to the router’s management interface; the description does not specify whether authentication is required. It is not listed in the CISA KEV catalog, but publicly disclosed proof‑of‑concept code demonstrates that attackers could use this flaw against exposed devices. The likely attack vector is a remote HTTP request with a malicious UPLOAD_FILENAME parameter.
OpenCVE Enrichment