Skip to main content

A7000R

1 CVEs product

Monthly

CVE-2026-6168 HIGH POC This Week

Stack-based buffer overflow in TOTOLINK A7000R router (firmware ≤9.1.0u.6115) allows authenticated remote attackers to achieve complete system compromise via the setWiFiEasyGuestCfg CGI function. The vulnerability exists in /cgi-bin/cstecgi.cgi where unsanitized input to the ssid5g parameter triggers memory corruption, enabling arbitrary code execution with device privileges. Publicly available exploit code exists, significantly lowering the barrier to exploitation for authenticated attackers on the network.

Stack Overflow Buffer Overflow A7000R
NVD VulDB GitHub
CVSS 4.0
7.4
EPSS
0.1%
EPSS 0% CVSS 7.4
HIGH POC This Week

Stack-based buffer overflow in TOTOLINK A7000R router (firmware ≤9.1.0u.6115) allows authenticated remote attackers to achieve complete system compromise via the setWiFiEasyGuestCfg CGI function. The vulnerability exists in /cgi-bin/cstecgi.cgi where unsanitized input to the ssid5g parameter triggers memory corruption, enabling arbitrary code execution with device privileges. Publicly available exploit code exists, significantly lowering the barrier to exploitation for authenticated attackers on the network.

Stack Overflow Buffer Overflow A7000R
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy