CVE-2026-1143

CWE-119Buffer OverflowCWE-120Classic Buffer Overflow3 documents3 sources
Severity
7.4HIGH
EPSS
0.2%
top 62.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Totolink A3700rTotolink A3700r Firmware
Timeline
PublishedJan 19

Description

A weakness has been identified in TOTOLINK A3700R 9.1.2u.5822_B20200513. This affects the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument ssid can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5totolink/a3700r9.1.2u.5822_B20200513
NVDtotolink/a3700r_firmware9.1.2u.5822_b20200513

🔴Vulnerability Details

2
CVEList
TOTOLINK A3700R cstecgi.cgi setWiFiEasyGuestCfg buffer overflow2026-01-19
GHSA
GHSA-m237-23r2-f38w: A weakness has been identified in TOTOLINK A3700R 92026-01-19
CVE-2026-1143 (HIGH CVSS 7.4) | A weakness has been identified in T | cvebase.io