Skip to main content

Ex1200L

1 CVEs product

Monthly

CVE-2026-44089 CRITICAL Act Now

Stack-based buffer overflow in the Totolink EX1200L router's login handler (cgi-bin/cstecgi.cgi) allows remote attackers on the adjacent network to crash the device or execute arbitrary code as root. Confirmed on firmware 9.3.5u.6146_B20201023 with no public exploit identified at time of analysis, but vendor contact attempts by CERT-PL were unsuccessful so no patch is available. CVSS 4.0 of 9.4 reflects unauthenticated exploitation with full impact on both the device and downstream systems.

Buffer Overflow Stack Overflow Ex1200L
NVD VulDB
CVSS 4.0
9.4
EPSS
0.2%
EPSS 0% CVSS 9.4
CRITICAL Act Now

Stack-based buffer overflow in the Totolink EX1200L router's login handler (cgi-bin/cstecgi.cgi) allows remote attackers on the adjacent network to crash the device or execute arbitrary code as root. Confirmed on firmware 9.3.5u.6146_B20201023 with no public exploit identified at time of analysis, but vendor contact attempts by CERT-PL were unsuccessful so no patch is available. CVSS 4.0 of 9.4 reflects unauthenticated exploitation with full impact on both the device and downstream systems.

Buffer Overflow Stack Overflow Ex1200L
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy