Description
A security flaw has been discovered in Totolink LR350 9.3.5u.6369_B20220309. This vulnerability affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer overflow. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
Published: 2026-01-19
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote code execution
Action: Immediate Patch
AI Analysis

Impact

An attacker who can send a crafted POST request to /cgi-bin/cstecgi.cgi can overflow the ssid buffer in the setWizardCfg function. The resulting stack-based buffer overflow enables arbitrary code execution on the Totolink LR350, effectively giving the attacker full control over the device. This flaw is a classic buffer overflow (CWE-119/CWE-120) that leads directly to remote code execution and compromises the router's confidentiality, integrity, and availability.

Affected Systems

The vulnerability is present in the Totolink LR350 router running firmware version 9.3.5u.6369_B20220309. Only that firmware revision has been confirmed as vulnerable; other firmware versions may be unaffected, but the CNA data lists no other affected versions.

Risk and Exploitability

The CVSS score of 8.7 reflects a high-impact flaw, and although the EPSS score of less than 1% indicates a low current probability of exploitation, a publicly released exploit exists. The vulnerability is not listed in the CISA KEV catalog, so it has not yet been observed in the wild on a large scale. Attackers can trigger the overflow remotely without authentication by sending a malformed POST request to the affected endpoint; note, however, that the CVSS vectors recorded in the history below (PR:L in v3.x/v4.0, Au:S in v2.0) assume low-privilege access to the web interface, so unauthenticated exploitation is not confirmed by the scoring data. Although exploitation activity is still emerging, the potential impact warrants immediate attention.

Generated by OpenCVE AI on April 18, 2026 at 05:13 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the LR350 to the latest firmware release that includes the fix for the setWizardCfg buffer overflow, such as any version newer than 9.3.5u.6369_B20220309.
  • If an immediate firmware upgrade is not possible, block or disable POST requests to /cgi-bin/cstecgi.cgi through firewall rules or by reconfiguring the router’s web server to reject that endpoint.
  • Restrict remote management of the router to trusted IP addresses or disable remote management entirely to reduce exposure to remote attackers.
  • Monitor router logs for unexpected POST traffic to cstecgi.cgi and configure alerts to detect suspicious activity.


Advisories

No advisories yet.

History

Mon, 23 Feb 2026 09:15:00 +0000
  CPEs: cpe:2.3:o:totolink:lr350_firmware:*:*:*:*:*:*:*:*

Thu, 29 Jan 2026 18:45:00 +0000
  First Time appeared (Values Added): Totolink lr350 Firmware
  CPEs (Values Added):
    cpe:2.3:h:totolink:lr350:-:*:*:*:*:*:*:*
    cpe:2.3:o:totolink:lr350_firmware:9.3.5u.6369_b20220309:*:*:*:*:*:*:*
  Vendors & Products (Values Added): Totolink lr350 Firmware

Tue, 20 Jan 2026 16:15:00 +0000
  Metrics (Values Added): ssvc
    {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 20 Jan 2026 08:45:00 +0000
  First Time appeared (Values Added): Totolink; Totolink lr350
  Vendors & Products (Values Added): Totolink; Totolink lr350

Mon, 19 Jan 2026 15:00:00 +0000
  Description (Values Added): A security flaw has been discovered in Totolink LR350 9.3.5u.6369_B20220309. This vulnerability affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer overflow. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
  Title (Values Added): Totolink LR350 POST Request cstecgi.cgi setWizardCfg buffer overflow
  Weaknesses (Values Added): CWE-119; CWE-120
  References (Values Added): none listed
  Metrics (Values Added):
    cvssV2_0: {'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}
    cvssV3_0: {'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
    cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
    cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-02-23T08:46:49.974Z

Reserved: 2026-01-18T20:20:02.560Z

Link: CVE-2026-1158

Vulnrichment

Updated: 2026-01-20T16:07:35.895Z

NVD

Status : Analyzed

Published: 2026-01-19T15:15:50.340

Modified: 2026-01-29T18:34:39.700

Link: CVE-2026-1158

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T05:15:15Z

Weaknesses