Description
A vulnerability was detected in Totolink A800R 4.1.2cu.5137_B20200730. This impacts the function setAppEasyWizardConfig in the library /lib/cste_modules/app.so. The manipulation of the argument apcliSsid results in buffer overflow. The attack can be executed remotely. The exploit is now public and may be used.
Published: 2026-04-13
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Patch ASAP
AI Analysis

Impact

A Totolink A800R router running firmware 4.1.2cu.5137_B20200730 contains a buffer‑overflow flaw in the setAppEasyWizardConfig function of /lib/cste_modules/app.so. By manipulating the apcliSsid parameter, an attacker can trigger memory corruption that may lead to arbitrary code execution. The bug is a classic stack buffer overflow (CWE‑119 and CWE‑120) and is triggered from a remote connection.

Affected Systems

The device affected is the Totolink A800R router with the specified firmware build. No broader version range is documented, so the vulnerability appears limited to this firmware version.

Risk and Exploitability

The flaw has a CVSS score of 8.7, indicating high severity, and the EPSS score is not listed. While it is not in CISA’s KEV catalog, a public exploit has been released. Remote attackers can reach the device from any connected network, making exploitation practical and potentially impacting all users if the device is exposed.

Generated by OpenCVE AI on April 13, 2026 at 05:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Contact Totolink support to obtain a firmware update that addresses the buffer overflow.
  • Apply the latest official firmware release for the A800R when available.
  • If no update is available, isolate the device from untrusted networks to mitigate remote exploitation.
  • Use a firewall to block traffic to the vulnerable service if possible.

Generated by OpenCVE AI on April 13, 2026 at 05:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 13 Apr 2026 13:00:00 +0000

Type Values Removed Values Added
First Time appeared Totolink a800r
Vendors & Products Totolink a800r

Mon, 13 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 13 Apr 2026 04:00:00 +0000

Type Values Removed Values Added
Description A vulnerability was detected in Totolink A800R 4.1.2cu.5137_B20200730. This impacts the function setAppEasyWizardConfig in the library /lib/cste_modules/app.so. The manipulation of the argument apcliSsid results in buffer overflow. The attack can be executed remotely. The exploit is now public and may be used.
Title Totolink A800R app.so setAppEasyWizardConfig buffer overflow
First Time appeared Totolink
Totolink a800r Firmware
Weaknesses CWE-119
CWE-120
CPEs cpe:2.3:o:totolink:a800r_firmware:*:*:*:*:*:*:*:*
Vendors & Products Totolink
Totolink a800r Firmware
References
Metrics cvssV2_0

{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Totolink A800r A800r Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-13T11:44:36.935Z

Reserved: 2026-04-12T18:06:21.026Z

Link: CVE-2026-6157

cve-icon Vulnrichment

Updated: 2026-04-13T11:43:42.599Z

cve-icon NVD

Status : Deferred

Published: 2026-04-13T04:16:16.817

Modified: 2026-04-27T19:05:57.310

Link: CVE-2026-6157

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-13T12:53:30Z

Weaknesses