ГлавнаяУязвимости → CVE-2026-1157
8.8высокая

CVE-2026-1157

Описание

A vulnerability was identified in Totolink LR350 9.3.5u.6369_B20220309. This affects the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ssid leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

Затрагиваемое ПО
Totolink Lr350 firmwareTotolink Lr350
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://lavender-bicycle-a5a.notion.site/TOTOLINK-LR350-setWiFiEasyCfg-2e453a41781f80b7b53cef33c6a782aa?source=copy_linkhttps://vuldb.com/?ctiid.341751https://vuldb.com/?id.341751https://vuldb.com/?submit.735726https://www.totolink.net/