Description
A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument priDns leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
Published: 2026-05-04
Score: 8.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a buffer overflow in the POST Request Handler of Totolink N300RH routers, specifically the setWanConfig function in /cgi-bin/cstecgi.cgi. Manipulating the priDns argument causes a buffer overflow that can allow an attacker to execute arbitrary code on the device, compromising its integrity and potentially affecting availability.

Affected Systems

Totolink N300RH routers running firmware 3.2.4-B20220812 are affected. The vulnerable code path is the setWanConfig handler in /cgi-bin/cstecgi.cgi, which is reached through remotely submitted POST requests carrying the priDns parameter.

Risk and Exploitability

The CVSS score of 8.7 reflects a high severity condition. The EPSS score is not available, indicating that current data on exploitation probability is limited, but the public disclosure and remote nature of the attack vector keep the risk significant. The vulnerability is not listed in the CISA KEV catalog at this time.

Generated by OpenCVE AI on May 4, 2026 at 10:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Totolink N300RH firmware update that removes the setWanConfig buffer overflow vulnerability.
  • If a patch is not immediately available, restrict access to the /cgi-bin/cstecgi.cgi endpoint by configuring the router to accept remote management only from trusted IP addresses or disabling remote management features that invoke this CGI.
  • Continuously monitor network traffic for abnormal POST requests to /cgi-bin/cstecgi.cgi, especially those with unusually large priDns parameters, and block such requests to prevent exploitation attempts.
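The monitoring step above, as an added example that is not part of the OpenCVE record or the vendor's code: it flags POST bodies to /cgi-bin/cstecgi.cgi whose priDns value is not a plain IPv4 literal. It assumes the log already carries the decoded body, either JSON with a "topicurl" key or form-encoded (both assumed request shapes), and the sample records are constructed.

```python
"""Flag anomalous priDns values in POST requests to /cgi-bin/cstecgi.cgi.
Added detection example; assumes decoded bodies in JSON or form-encoded form."""
import ipaddress
import json
from urllib.parse import parse_qs

CGI_PATH = "/cgi-bin/cstecgi.cgi"
MAX_IPV4_LEN = len("255.255.255.255")  # longest legitimate value: 15 bytes


def extract_params(body: str) -> dict:
    """Flatten the body into {name: value}; JSON first, then form-encoded."""
    body = body.strip()
    if body.startswith("{"):
        try:
            return {k: str(v) for k, v in json.loads(body).items()}
        except (ValueError, AttributeError):
            pass  # not a JSON object; fall through to form decoding
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}


def is_valid_ipv4(value: str) -> bool:
    """True only for a dotted quad no longer than MAX_IPV4_LEN."""
    try:
        return len(value) <= MAX_IPV4_LEN and ipaddress.IPv4Address(value) is not None
    except ValueError:
        return False


def check_request(method: str, path: str, body: str):
    """Return a finding string when priDns is present but not a valid IPv4 literal."""
    if method != "POST" or path != CGI_PATH:
        return None
    params = extract_params(body)
    value = params.get("priDns")
    if value is None or is_valid_ipv4(value):
        return None
    return f"suspicious priDns (len={len(value)}) topicurl={params.get('topicurl', '?')}"


# Constructed sample records (method, path, decoded body); not real traffic.
SAMPLE_REQUESTS = [
    ("POST", CGI_PATH, '{"topicurl":"setWanConfig","priDns":"8.8.8.8","secDns":"1.1.1.1"}'),
    ("POST", CGI_PATH, '{"topicurl":"setWanConfig","priDns":"' + "A" * 600 + '"}'),
    ("POST", CGI_PATH, "topicurl=setWanConfig&priDns=" + "%41" * 300),
]


def scan(requests):
    """Return [(index, finding)] for every record that check_request flags."""
    return [(i, f) for i, (m, p, b) in enumerate(requests)
            if (f := check_request(m, p, b))]
```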



Advisories

No advisories yet.

History

Mon, 04 May 2026 10:45:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Totolink n300rh
Vendors & Products  |                | Totolink n300rh

Mon, 04 May 2026 09:30:00 +0000

Type                | Values Removed | Values Added
Description         |                | A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument priDns leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
Title               |                | Totolink N300RH POST Request cstecgi.cgi setWanConfig buffer overflow
First Time appeared |                | Totolink; Totolink n300rh Firmware
Weaknesses          |                | CWE-119; CWE-120
CPEs                |                | cpe:2.3:o:totolink:n300rh_firmware:*:*:*:*:*:*:*:*
Vendors & Products  |                | Totolink; Totolink n300rh Firmware
References          |                |
Metrics             |                | cvssV2_0 {'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}
                    |                | cvssV3_0 {'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
                    |                | cvssV3_1 {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
                    |                | cvssV4_0 {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-04T08:45:11.639Z

Reserved: 2026-05-03T17:20:51.017Z

Link: CVE-2026-7749

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-04T10:16:01.040

Modified: 2026-05-04T10:16:01.040

Link: CVE-2026-7749

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-04T10:30:42Z

Weaknesses