Skip to main content

TOTOLINK A800R CVE-2026-7503

| EUVDEUVD-2026-26450 HIGH
Classic Buffer Overflow (CWE-120)
2026-04-30 VulDB
7.4
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.4 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

7
PoC Detected
May 01, 2026 - 15:26 vuln.today
Public exploit code
Re-analysis Queued
Apr 30, 2026 - 22:22 vuln.today
cvss_changed
CVSS changed
Apr 30, 2026 - 22:22 NVD
8.8 (HIGH) 7.4 (HIGH)
Analysis Generated
Apr 30, 2026 - 22:16 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 22:00 euvd
EUVD-2026-26450
Analysis Generated
Apr 30, 2026 - 22:00 vuln.today
CVE Published
Apr 30, 2026 - 21:45 nvd
HIGH 7.4

DescriptionCVE.org

A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. The impacted element is the function setWiFiMultipleConfig in the library /lib/cste_modules/wireless.so of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument wepkey2 results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used.

AnalysisAI

Buffer overflow in TOTOLINK A800R router firmware 4.1.2cu.5137 enables authenticated remote attackers to achieve arbitrary code execution with high privileges. The vulnerability exists in the setWiFiMultipleConfig function of the wireless configuration module (wireless.so) within the cstecgi.cgi web interface, exploitable via malformed wepkey2 parameter. Public proof-of-concept exploit code is available on GitHub. EPSS data not provided, CISA KEV status not listed, indicating exploitation is demonstrated but not yet observed in widespread campaigns.

Technical ContextAI

This is a classic stack-based buffer overflow (CWE-120) in embedded router firmware. The vulnerable component is the wireless.so shared library loaded by the cstecgi.cgi CGI handler, which processes WiFi configuration requests on TOTOLINK A800R routers. The setWiFiMultipleConfig function fails to validate the length of the wepkey2 parameter before copying it into a fixed-size stack buffer. When processing WEP key configuration through the web management interface, an attacker-controlled WEP key value exceeding buffer boundaries overwrites adjacent stack memory. In embedded Linux devices like this router, successful exploitation typically allows control of the instruction pointer, enabling arbitrary code execution in the context of the web server process (often running as root or with elevated privileges on SOHO routers). The CPE string identifies this as code-projects For Plugin, but cross-referencing the GitHub POC confirms this actually affects TOTOLINK A800R router hardware running firmware version 4.1.2cu.5137.

RemediationAI

No vendor-released patch identified at time of analysis - TOTOLINK vendor advisory not found in provided references. Immediate compensating controls: (1) Disable remote management access to the router's web interface, restricting access to local network only (eliminates remote attack vector but allows LAN-based exploitation). (2) Change default administrative credentials to strong unique passwords exceeding 16 characters (raises bar for PR:L requirement but does not eliminate vulnerability). (3) Implement network segmentation placing the router's management interface on isolated VLAN accessible only from dedicated admin workstations (reduces exposure but adds network complexity). (4) Monitor for unusual authentication attempts or configuration changes in router logs (detection only, does not prevent exploitation). (5) If business requirements permit, replace affected TOTOLINK A800R devices with alternative router models from vendors with established security update programs (most effective but requires hardware investment). Check TOTOLINK's support portal at https://www.totolink.net/ for firmware updates released after this analysis. The GitHub POC (https://github.com/xyh4ck/iot_poc/blob/main/TOTOLINK/A800R/02_Buffer_Overflow_setWiFiMultipleConfig.md) provides technical details useful for validating patch effectiveness when released.

Share

CVE-2026-7503 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy