Critical severity9.8NVD Advisory· Published Jan 9, 2024· Updated Jun 17, 2026
CVE-2023-7221
CVE-2023-7221
Description
A vulnerability was found in Totolink T6 4.1.9cu.5241_B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v41 leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249855. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Affected products
2- Totolink/T6v5Range: 4.1.9cu.5241_B20210923
Patches
Vulnerability mechanics
References
3- github.com/jylsec/vuldb/blob/main/TOTOLINK/T6/1/README.mdnvdExploitThird Party Advisory
- vuldb.comnvdPermissions RequiredThird Party Advisory
- vuldb.comnvdThird Party Advisory
News mentions
0No linked articles in our index yet.