Description
TOTOlink A3600R v5.9c.4959 contains a buffer overflow vulnerability in the setAppEasyWizardConfig interface of /lib/cste_modules/app.so. The vulnerability occurs because the rootSsid parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow, potentially leading to arbitrary code execution or denial of service.
Published: 2026-04-01
Score: 9.8 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A buffer overflow exists in the setAppEasyWizardConfig API of the Totolink A3600R router’s firmware (5.9c.4959). The rootSsid parameter is not length‑checked, allowing an attacker to send a string that exceeds the buffer boundary, corrupting memory on the device’s stack and potentially executing arbitrary code or crashing the service. This weakness is classified as CWE‑120, a classic buffer overflow that can compromise confidentiality, integrity, and availability of the router.

Affected Systems

The flaw affects Totolink A3600R devices running firmware version 5.9c.4959. No other firmware version is listed as containing the unpatched vulnerability; other builds may have been fixed, but this has not been confirmed, so verify before treating them as unaffected.

Risk and Exploitability

The CVSS score of 9.8 indicates a critical severity level. The EPSS score of less than 1% suggests a low probability of exploitation, yet the vulnerability is remotely reachable over the network via the setAppEasyWizardConfig interface. Because remote attackers can trigger the buffer overflow without local access, the risk remains high until the device is updated or mitigated.

Generated by OpenCVE AI on April 7, 2026 at 20:17 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update that patches the rootSsid validation flaw on the Totolink A3600R.
  • If an update is not immediately available, restrict or block traffic to the setAppEasyWizardConfig endpoint by configuring firewall rules or disabling the feature through the router’s settings.
  • Monitor the router for abnormal configuration requests or repeated attempts to set the rootSsid, and verify that firmware integrity checks are enforced whenever possible.


Advisories

No advisories yet.

History

Wed, 08 Apr 2026 20:15:00 +0000

Type | Values Removed | Values Added
Title | | Buffer Overflow in A3600R Root SSID Configuration Enables Remote Code Execution

Tue, 07 Apr 2026 15:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Totolink a3600r Firmware
CPEs | | cpe:2.3:h:totolink:a3600r:-:*:*:*:*:*:*:*; cpe:2.3:o:totolink:a3600r_firmware:5.9c.4959:*:*:*:*:*:*:*
Vendors & Products | | Totolink a3600r Firmware

Fri, 03 Apr 2026 10:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Totolink; Totolink a3600r
Vendors & Products | | Totolink; Totolink a3600r

Thu, 02 Apr 2026 20:30:00 +0000

Type | Values Removed | Values Added
Title | | Buffer Overflow in A3600R Root SSID Configuration Enables Remote Code Execution

Wed, 01 Apr 2026 23:45:00 +0000

Type | Values Removed | Values Added
Description | | TOTOlink A3600R v5.9c.4959 contains a buffer overflow vulnerability in the setAppEasyWizardConfig interface of /lib/cste_modules/app.so. The vulnerability occurs because the rootSsid parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow, potentially leading to arbitrary code execution or denial of service.
Weaknesses | | CWE-120
References | |
Metrics | | cvssV3_1: {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}; ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Subscriptions

Totolink A3600r A3600r Firmware
MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-01T18:23:53.528Z

Reserved: 2026-03-09T00:00:00.000Z

Link: CVE-2026-31027

Vulnrichment

Updated: 2026-04-01T18:22:52.544Z

NVD

Status : Analyzed

Published: 2026-04-01T16:23:49.787

Modified: 2026-04-07T12:10:47.497

Link: CVE-2026-31027

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-08T19:59:57Z

Weaknesses