Description
A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument Password results in buffer overflow. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
Published: 2026-05-04
Score: 9.3 Critical
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An attacker can cause a buffer overflow by manipulating the Password parameter in the loginauth handler of /cgi-bin/cstecgi.cgi. The overflow is triggered remotely and can lead to arbitrary code execution on the device. This is a classic stack-based buffer overflow (CWE-120) and general buffer overflow (CWE-119). The impact is therefore loss of confidentiality, integrity, and availability of the affected device due to potential remote code execution.

Affected Systems

The flaw exists in Totolink N300RH routers running firmware 3.2.4-B20220812. The device model is an N300RH and the vulnerable component is the Parameter Handler within the "cgi-bin/cstecgi.cgi" script. Users running this specific firmware version are at risk.

Risk and Exploitability

The CVSS score is 9.3, indicating a critical severity. EPSS information is not available, but the vulnerability is publicly exploitable and the exploit has already been released, meaning a realistic exploitation window is high. The vulnerability is not yet listed in CISA’s KEV catalog. Attackers can reach the vulnerable endpoint over the network, likely via the device’s web management interface, and trigger the overflow without requiring local access.

Generated by OpenCVE AI on May 4, 2026 at 09:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the router firmware to a version that patches the loginauth buffer overflow in cstecgi.cgi.
  • Restrict remote access to the router’s web interface by applying firewall rules, ACLs, or VLAN segmentation so that only trusted networks can reach it.
  • If a firmware update is not immediately available, temporarily block or disable access to the cstecgi.cgi endpoint or disable the web management interface altogether while awaiting a fix.

Generated by OpenCVE AI on May 4, 2026 at 09:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 04 May 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Totolink n300rh
Vendors & Products Totolink n300rh

Mon, 04 May 2026 08:45:00 +0000

Type Values Removed Values Added
Description A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument Password results in buffer overflow. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
Title Totolink N300RH Parameter cstecgi.cgi loginauth buffer overflow
First Time appeared Totolink
Totolink n300rh Firmware
Weaknesses CWE-119
CWE-120
CPEs cpe:2.3:o:totolink:n300rh_firmware:*:*:*:*:*:*:*:*
Vendors & Products Totolink
Totolink n300rh Firmware
References
Metrics cvssV2_0

{'score': 10, 'vector': 'AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 9.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Totolink N300rh N300rh Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-04T12:43:29.421Z

Reserved: 2026-05-03T17:20:44.653Z

Link: CVE-2026-7747

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-04T09:16:01.117

Modified: 2026-05-04T09:16:01.117

Link: CVE-2026-7747

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-04T09:30:42Z

Weaknesses