VYPR
Unrated severityNVD Advisory· Published Jan 19, 2026· Updated Feb 23, 2026

TOTOLINK A3700R cstecgi.cgi setWiFiEasyGuestCfg buffer overflow

CVE-2026-1143

Description

A weakness has been identified in TOTOLINK A3700R 9.1.2u.5822_B20200513. This affects the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument ssid can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.

Affected products

2
  • Totolink/A3700Rcpe-rescue2 versions
    cpe:2.3:o:totolink:a3700r_firmware:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:totolink:a3700r_firmware:*:*:*:*:*:*:*:*range: 9.1.2u.5822_B20200513
    • (no CPE)range: = 9.1.2u.5822_B20200513

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.