Skip to main content

For Plugin

1 CVEs product

Monthly

CVE-2026-7503 HIGH POC This Week

Buffer overflow in TOTOLINK A800R router firmware 4.1.2cu.5137 enables authenticated remote attackers to achieve arbitrary code execution with high privileges. The vulnerability exists in the setWiFiMultipleConfig function of the wireless configuration module (wireless.so) within the cstecgi.cgi web interface, exploitable via malformed wepkey2 parameter. Public proof-of-concept exploit code is available on GitHub. EPSS data not provided, CISA KEV status not listed, indicating exploitation is demonstrated but not yet observed in widespread campaigns.

Buffer Overflow For Plugin
NVD VulDB GitHub
CVSS 4.0
7.4
EPSS
0.0%
EPSS 0% CVSS 7.4
HIGH POC This Week

Buffer overflow in TOTOLINK A800R router firmware 4.1.2cu.5137 enables authenticated remote attackers to achieve arbitrary code execution with high privileges. The vulnerability exists in the setWiFiMultipleConfig function of the wireless configuration module (wireless.so) within the cstecgi.cgi web interface, exploitable via malformed wepkey2 parameter. Public proof-of-concept exploit code is available on GitHub. EPSS data not provided, CISA KEV status not listed, indicating exploitation is demonstrated but not yet observed in widespread campaigns.

Buffer Overflow For Plugin
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy