EUVD-2025-17609

CVE-2025-5904 HIGH
2025-06-10 [email protected]
CVSS 3.1: 8.8

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 14, 2026 - 19:49 (vuln.today)
EUVD ID Assigned: Mar 14, 2026 - 19:49 (euvd), EUVD-2025-17609
PoC Detected: Jun 16, 2025 - 14:26 (vuln.today), public exploit code
CVE Published: Jun 10, 2025 - 00:15 (nvd), HIGH 8.8

Description

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the function setWiFiMeshName of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument device_name leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Analysis

A critical buffer overflow vulnerability exists in TOTOLINK T10 firmware version 4.1.8cu.5207 in the setWiFiMeshName function of the POST request handler (/cgi-bin/cstecgi.cgi). An authenticated remote attacker can overflow the device_name parameter to achieve arbitrary code execution with complete system compromise (confidentiality, integrity, and availability impact). Public exploit code is available, elevating real-world risk despite the requirement for authenticated access.

Technical Context

This vulnerability is a classic stack-based or heap-based buffer overflow (CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer) in a CGI script commonly used in embedded Linux-based routers. The TOTOLINK T10 is a mesh WiFi router running a web-accessible CGI interface for configuration. The vulnerable endpoint /cgi-bin/cstecgi.cgi processes POST requests to modify WiFi mesh network names. The setWiFiMeshName function fails to validate or bounds-check the device_name input parameter before copying it into a fixed-size buffer, allowing an attacker to overwrite adjacent stack or heap memory. This is typical of embedded device firmware where legacy C code lacks modern memory safety protections. CPE affected: cpe:2.3:o:totolink:t10_firmware:4.1.8cu.5207:*:*:*:*:*:*:*

Affected Products

TOTOLINK T10 firmware version 4.1.8cu.5207 and potentially earlier versions (firmware lineage suggests the vulnerability may exist in nearby builds). Affected CPE: cpe:2.3:o:totolink:t10_firmware:4.1.8cu.5207:*:*:*:*:*:*:*. Hardware: TOTOLINK T10 mesh WiFi router (specific hardware variants using this firmware version). No vendor advisory URL is available for this entry; check TOTOLINK security advisories at https://www.totolink.net or manufacturer security bulletins to confirm affected versions and patch availability.

Remediation

PRIMARY: Upgrade to a patched firmware version from TOTOLINK. The fixed version number is not known for this entry; contact TOTOLINK support or check the official firmware page for T10 updates released after 4.1.8cu.5207.

INTERIM MITIGATIONS:
(1) Restrict access to the router's web admin interface via firewall rules; block the /cgi-bin/cstecgi.cgi endpoint if it is not required for remote management.
(2) Disable remote web administration if possible; use only local network access.
(3) Change default router credentials to strong, unique passwords to reduce likelihood of authentication bypass.
(4) Isolate the router on a segmented network to limit lateral movement if exploited.
(5) Monitor for suspicious CGI requests containing overflow payloads (e.g., unusually long device_name parameters).

PATCH TIMELINE: No specific patch date is provided; assume the vendor is developing a fix and check TOTOLINK advisories within 30 days of CVE publication.
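
One way to implement the monitoring in mitigation (5), as an added example that is not part of this advisory or of any vendor code: it flags POST requests to /cgi-bin/cstecgi.cgi whose device_name exceeds a length limit. Assumptions: the record fields (src, path, body), the JSON or form-encoded body formats, the 64-byte limit and the sample records are all constructed for illustration; the advisory does not state the buffer size or the request format.

```python
import json
from urllib.parse import parse_qs

ENDPOINT = "/cgi-bin/cstecgi.cgi"  # endpoint named in the advisory
PARAM = "device_name"              # argument named in the advisory
MAX_LEN = 64  # assumed policy threshold; the advisory does not give the buffer size

def extract_params(body):
    """Parse a POST body as a JSON object, else as form data (both formats assumed)."""
    try:
        data = json.loads(body)
        if isinstance(data, dict):
            return {k: v if isinstance(v, str) else json.dumps(v)
                    for k, v in data.items()}
    except ValueError:
        pass
    return {k: v[-1] for k, v in parse_qs(body, keep_blank_values=True).items()}

def oversized_device_names(records, max_len=MAX_LEN):
    """Return one finding per request to ENDPOINT whose device_name exceeds max_len bytes."""
    findings = []
    for rec in records:
        # Ignore any query string when matching the endpoint path.
        if rec["path"].split("?", 1)[0] != ENDPOINT:
            continue
        value = extract_params(rec["body"]).get(PARAM)
        if value is None:
            continue
        # Measure bytes, not characters: a C buffer is sized in bytes.
        size = len(value.encode("utf-8", errors="replace"))
        if size > max_len:
            findings.append({"src": rec["src"], "bytes": size})
    return findings

# Constructed sample records (hypothetical capture format: src, path, body).
SAMPLE = [
    {"src": "192.0.2.10", "path": ENDPOINT, "body": '{"device_name": "LivingRoom"}'},
    {"src": "192.0.2.66", "path": ENDPOINT, "body": json.dumps({"device_name": "A" * 300})},
    {"src": "192.0.2.67", "path": ENDPOINT, "body": "device_name=" + "B" * 200},
    {"src": "192.0.2.10", "path": "/index.html", "body": "device_name=" + "C" * 500},
]

if __name__ == "__main__":
    for f in oversized_device_names(SAMPLE):
        print(f"ALERT src={f['src']} device_name bytes={f['bytes']} limit={MAX_LEN}")
```

Tune MAX_LEN to the longest name legitimately used on the network; the same check can sit in a reverse proxy or IDS rule in front of the admin interface.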

Priority Score

Score: 65 (scale: Low, Medium, High, Critical)
KEV: 0
EPSS: +0.6
CVSS: +44
POC: +20
