top of page
perceptive_background_267k.jpg

A vulnerability was found in Totolink LR350 9.3.5u.6369_B20220309. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi. Theā€¦

Published:

26 maart 2026 om 23:00:00

Alert date:

27 maart 2026 om 22:06:06

Source:

nvd.nist.gov

Click to open the original link from this advisory

Mobile & IoT, Network Infrastructure

A buffer overflow vulnerability was discovered in Totolink LR350 router version 9.3.5u.6369_B20220309. The vulnerability affects the setWiFiGuestCfg function in /cgi-bin/cstecgi.cgi file through manipulation of the ssid argument. This security flaw can be exploited remotely and a public exploit is available. The vulnerability allows attackers to potentially execute arbitrary code or cause denial of service by sending specially crafted requests to the affected router's web interface. Given that this is a remotely exploitable buffer overflow with a public exploit, it poses a significant security risk to affected devices.

Technical details

Mitigation steps:

Affected products:

Totolink LR350

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-4976
https://lavender-bicycle-a5a.notion.site/TOTOLINK-LR350-setWiFiGuestCfg-32153a41781f8048a918c1c78e95064e
https://vuldb.com/?ctiid.353863
https://vuldb.com/?id.353863
https://vuldb.com/?submit.778274
https://www.totolink.net/

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page