Description
A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument mac_address results in buffer overflow. The attack may be launched remotely. The exploit is now public and may be used.
Published: 2026-05-04
Score: 8.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a classic buffer overflow triggered by the "mac_address" argument to the setMacFilterRules function located in /cgi-bin/cstecgi.cgi. A malformed POST request can overwrite the stack, potentially leading to a crash or remote code execution. The flaw is identified as CWE-119 and CWE-120, indicating unsafe handling of untrusted input and lack of bounds checking.

Affected Systems

The affected device is Totolink N300RH running firmware version 3.2.4-B20220812. No other affected versions are listed in the current data.

Risk and Exploitability

With a CVSS score of 8.7, the vulnerability is considered high severity. The EPSS score is not available, but the exploit is publicly available, and the CVE notes that it may be launched remotely. The entry is not listed in the CISA KEV catalog. An attacker who can reach the device’s management interface can send a crafted POST request to /cgi-bin/cstecgi.cgi to trigger the buffer overflow; the attack requires no authentication or is inferred to be unauthenticated given the lack of mention of credentials.

Generated by OpenCVE AI on May 4, 2026 at 10:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the N300RH firmware to a version where the buffer overflow in setMacFilterRules is fixed.
  • If an immediate firmware update is not possible, block or filter POST requests to /cgi-bin/cstecgi.cgi from unauthorized sources or disable the setMacFilterRules endpoint via firewall rules or router configuration.
  • Restrict management access to the device to trusted networks and monitor for anomalous POST activity to detect potential exploitation attempts.

Generated by OpenCVE AI on May 4, 2026 at 10:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 04 May 2026 11:30:00 +0000

Type Values Removed Values Added
First Time appeared Totolink n300rh
Vendors & Products Totolink n300rh

Mon, 04 May 2026 09:30:00 +0000

Type Values Removed Values Added
Description A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument mac_address results in buffer overflow. The attack may be launched remotely. The exploit is now public and may be used.
Title Totolink N300RH POST Request cstecgi.cgi setMacFilterRules buffer overflow
First Time appeared Totolink
Totolink n300rh Firmware
Weaknesses CWE-119
CWE-120
CPEs cpe:2.3:o:totolink:n300rh_firmware:*:*:*:*:*:*:*:*
Vendors & Products Totolink
Totolink n300rh Firmware
References
Metrics cvssV2_0

{'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Totolink N300rh N300rh Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-04T09:00:17.932Z

Reserved: 2026-05-03T17:20:54.039Z

Link: CVE-2026-7750

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-04T10:16:01.203

Modified: 2026-05-04T10:16:01.203

Link: CVE-2026-7750

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-04T11:15:25Z

Weaknesses