Totolink LR350 Firmware vulnerabilities
36 known vulnerabilities affecting totolink/lr350_firmware.
Total CVEs: 36
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 13, HIGH 19, MEDIUM 4
Vulnerabilities
Page 1 of 2
CVE-2026-4976 | HIGH | CVSS 7.4 | CWE-119 | v9.3.5u.6369_b20220309 | 2026-03-27
A vulnerability was found in Totolink LR350 9.3.5u.6369_B20220309. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid results in buffer overflow. The attack can be launched remotely. The exploit has been made public and could be used.
nvd
CVE-2026-1157 | HIGH | CVSS 7.4 | CWE-119 | v9.3.5u.6369_b20220309 | 2026-01-19
A vulnerability was identified in Totolink LR350 9.3.5u.6369_B20220309. This affects the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ssid leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
nvd
CVE-2026-1156 | HIGH | CVSS 7.4 | CWE-119 | v9.3.5u.6369_b20220309 | 2026-01-19
A vulnerability was determined in Totolink LR350 9.3.5u.6369_B20220309. Affected by this issue is the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
nvd
CVE-2026-1158 | HIGH | CVSS 7.4 | CWE-119 | v9.3.5u.6369_b20220309 | 2026-01-19
A security flaw has been discovered in Totolink LR350 9.3.5u.6369_B20220309. This vulnerability affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer overflow. The attack can be initiated remotely. The exploit has been released to the pub
nvd
CVE-2026-1155 | HIGH | CVSS 7.4 | CWE-119 | v9.3.5u.6369_b20220309 | 2026-01-19
A vulnerability was found in Totolink LR350 9.3.5u.6369_B20220309. Affected by this vulnerability is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid results in buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used.
nvd
CVE-2026-1149 | MEDIUM | CVSS 5.3 | CWE-74 | v9.3.5u.6369_b20220309 | 2026-01-19
A vulnerability was identified in Totolink LR350 9.3.5u.6369_B20220309. This issue affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be initiated remotely. The exploit is publicly available and might be used.
nvd
CVE-2026-1150 | MEDIUM | CVSS 5.3 | CWE-74 | v9.3.5u.6369_b20220309 | 2026-01-19
A security flaw has been discovered in Totolink LR350 9.3.5u.6369_B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely. The exploit has been released to the public and may be
nvd
CVE-2025-63466 | HIGH | CVSS 7.5 | CWE-121 | v9.3.5u.6369_b20220309 | 2025-10-31
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password parameter in the sub_426EF8 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
nvd
CVE-2025-63469 | HIGH | CVSS 7.5 | CWE-121 | v9.3.5u.6369_b20220309 | 2025-10-31
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_421BAC function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
nvd
CVE-2025-63463 | HIGH | CVSS 7.5 | CWE-121 | v9.3.5u.6369_b20220309 | 2025-10-31
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the wifiOff parameter in the sub_4232EC function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
nvd
CVE-2025-63467 | HIGH | CVSS 7.5 | CWE-121 | v9.3.5u.6369_b20220309 | 2025-10-31
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_425400 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
nvd
CVE-2025-63464 | HIGH | CVSS 7.5 | CWE-121 | v9.3.5u.6369_b20220309 | 2025-10-31
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_42396C function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
nvd
CVE-2025-63468 | HIGH | CVSS 7.5 | CWE-121 | v9.3.5u.6369_b20220309 | 2025-10-31
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the sub_426EF8 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
nvd
CVE-2025-63465 | HIGH | CVSS 7.5 | CWE-121 | v9.3.5u.6369_b20220309 | 2025-10-31
Totolink LR350 v9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the ssid parameter in the sub_422880 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
nvd
CVE-2024-10654 | MEDIUM | CVSS 6.9 | CWE-266 | v9.3.5u.6369_b20220309 | 2024-11-01
A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to authorization bypass. The attack can be launched remotely. The exploit has been disclosed to the
nvd
CVE-2024-42967 | CRITICAL | CVSS 9.8 | CWE-284 | v9.3.5u.6369_b20220309 | 2024-08-15
Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh.
nvd
CVE-2024-7214 | MEDIUM | CVSS 5.3 | CWE-77 | v9.3.5u.6369_b20220309 | 2024-07-30
A vulnerability has been found in TOTOLINK LR350 9.3.5u.6369_B20220309 and classified as critical. Affected by this vulnerability is the function setWanCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostName leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be u
nvd
CVE-2024-36783 | CRITICAL | CVSS 9.8 | CWE-77 | v9.3.5u.6369_b20220309 | 2024-06-03
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function.
nvd
CVE-2024-35387 | CRITICAL | CVSS 9.8 | CWE-121 | v9.3.5u.6369_b20220309 | 2024-05-24
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.
nvd
CVE-2024-35099 | CRITICAL | CVSS 9.8 | CWE-120 | v9.3.5u.6698_b20230810 | 2024-05-14
TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to contain a stack overflow via the password parameter in the function loginAuth.
nvd