Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
9DescriptionCVE.org
A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument Password results in buffer overflow. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
AnalysisAI
Remote unauthenticated attackers can execute arbitrary code on Totolink N300RH routers version 3.2.4-B20220812 by sending crafted Password parameter values to the loginauth authentication function in /cgi-bin/cstecgi.cgi, triggering a stack-based buffer overflow. Exploitation probability is moderate (EPSS score not provided, but publicly available exploit code exists per VulDB reference). This affects consumer-grade wireless routers often deployed in home/SOHO environments with default internet-facing management interfaces, creating significant remote compromise risk despite the device's end-of-life status.
Technical ContextAI
This vulnerability affects the loginauth function in Totolink N300RH firmware 3.2.4-B20220812, a consumer wireless router. The flaw is a classic stack-based buffer overflow (CWE-120) in the CGI parameter handler processing the Password argument during authentication to /cgi-bin/cstecgi.cgi. When oversized or malformed data is submitted to the Password field, inadequate bounds checking allows attackers to overwrite adjacent memory regions, corrupting the call stack and redirecting execution flow. The CVSS 4.0 vector indicates this is exploitable over the network (AV:N) with low complexity (AC:L) requiring no authentication (PR:N) or user interaction (UI:N), achieving high impact to confidentiality, integrity, and availability of the vulnerable component. The CPE string cpe:2.3:a:totolink:n300rh identifies this as application-level firmware running on dedicated router hardware, where memory corruption vulnerabilities typically grant full administrative access to the device.
RemediationAI
No vendor-released patch for CVE-2026-7747 has been identified at time of analysis; Totolink has not published security advisories addressing this buffer overflow per references available at https://www.totolink.net/. Immediate compensating controls: (1) Disable remote management interface access and restrict administrative access to trusted internal networks only-this eliminates the AV:N attack vector but prevents legitimate remote administration; (2) Replace affected Totolink N300RH 3.2.4-B20220812 devices with actively supported router models from vendors with established security response programs; (3) If replacement is not immediately feasible, place affected routers behind defense-in-depth controls such as firewall rules blocking external access to TCP ports typically used for router management (80, 443, 8080) and implement network segmentation to isolate router management plane from production networks. Monitor vendor advisories at https://www.totolink.net/ and VulDB tracking page https://vuldb.com/vuln/360922 for future patch availability, though given the specific build date (2022) this firmware version may be end-of-life.
OS command injection in the Totolink N300RH router (firmware 6.1c.1353_B20190305) allows remote unauthenticated attacker
Stack-based buffer overflow in the Totolink N300RH router (firmware 6.1c.1353_B20190305) allows remote attackers to corr
Remote authenticated attackers can execute arbitrary code on Totolink N300RH 3.2.4-B20220812 routers via buffer overflow
Buffer overflow in Totolink N300RH router firmware 3.2.4-B20220812 allows authenticated remote attackers to achieve comp
Buffer overflow in Totolink N300RH router firmware 3.2.4-B20220812 enables authenticated remote attackers to achieve cod
Remote code execution in Totolink N300RH firmware 6.1c.1353_B20190305 allows unauthenticated network attackers to execut
External file inclusion in Totolink N300RH firmware 6.1c.1353_B20190305 allows remote unauthenticated attackers to manip
Same weakness CWE-120 – Classic Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-26937