Skip to main content

Totolink WA300 EUVDEUVD-2026-26870

| CVE-2026-7719 HIGH
Classic Buffer Overflow (CWE-120)
2026-05-04 VulDB
8.9
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
8.9 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

7
PoC Detected
May 04, 2026 - 15:18 vuln.today
Public exploit code
Analysis Generated
May 04, 2026 - 02:30 vuln.today
Severity Changed
May 04, 2026 - 02:22 NVD
CRITICAL HIGH
CVSS changed
May 04, 2026 - 02:22 NVD
9.8 (CRITICAL) 8.9 (HIGH)
EUVD ID Assigned
May 04, 2026 - 02:15 euvd
EUVD-2026-26870
Analysis Generated
May 04, 2026 - 02:15 vuln.today
CVE Published
May 04, 2026 - 01:30 nvd
HIGH 8.9

DescriptionCVE.org

A security flaw has been discovered in Totolink WA300 5.2cu.7112_B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument http_host results in buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.

AnalysisAI

Remote unauthenticated buffer overflow in Totolink WA300 wireless repeater firmware version 5.2cu.7112_B20190227 enables complete device compromise via crafted HTTP POST requests to the login authentication handler. The vulnerability resides in the loginauth function within /cgi-bin/cstecgi.cgi, where insufficient validation of the http_host parameter allows attackers to overflow memory and achieve arbitrary code execution with device privileges. Publicly available exploit code exists (documented via Notion), enabling trivial exploitation with EPSS probability assessment pending but attack complexity rated low (AC:L) with no authentication barrier (PR:N).

Technical ContextAI

This is a classic stack-based buffer overflow (CWE-120) in embedded device firmware CGI handling code. The Totolink WA300 is a wireless range extender running custom firmware with web-based management accessible via CGI scripts. The loginauth function in cstecgi.cgi processes HTTP POST parameters during authentication without proper bounds checking on the http_host header value. When an oversized http_host parameter is supplied, it overflows the allocated buffer on the stack, corrupting adjacent memory including the return address. The CVSS vector indicates this is a network-accessible (AV:N) pre-authentication (PR:N) vulnerability requiring no user interaction (UI:N), affecting the primary system confidentiality, integrity, and availability (VC:H/VI:H/VA:H) without cross-scope impact. The CPE identifier cpe:2.3:a:totolink:wa300 confirms this affects the WA300 product line, specifically firmware version 5.2cu.7112_B20190227 based on the vulnerability description.

RemediationAI

No vendor-released patch or updated firmware version has been identified in available references at time of analysis. Organizations currently operating Totolink WA300 devices with firmware 5.2cu.7112_B20190227 should immediately implement network-level compensating controls given the absence of an official fix. Specific mitigations include: isolate WA300 management interfaces from untrusted networks by restricting administrative access to dedicated management VLANs or trusted IP ranges via firewall rules (this prevents remote exploitation but reduces management convenience); disable remote management features entirely if not operationally required and restrict access to local network segments only; deploy intrusion prevention systems with signatures detecting malformed http_host headers targeting /cgi-bin/cstecgi.cgi (though skilled attackers may evade signature-based detection); consider replacing affected devices with alternative wireless repeater solutions from vendors with active security support programs given the age of the vulnerable firmware (2019) and absence of patching response. Monitor vendor communications at https://www.totolink.net/ for future security updates, though the firmware age suggests end-of-life status may preclude patching.

Share

EUVD-2026-26870 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy