NewsSecurity Vulnerabilities

Totolink N300RH Password buffer overflow vulnerability (CVE-2026-7747)

CVE number =  CVE-2026-7747

A vulnerability, which was classified as critical, has been found in Totolink N300RH 3.2.4-B20220812.

Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler.

Performing a manipulation of the argument Password results in buffer overflow.

Using CWE to declare the problem leads to CWE-120.

The weakness was presented 05/03/2026. The advisory is available at lavender-bicycle-a5a.notion.site.

This vulnerability is identified as CVE-2026-7747. The attack can be initiated remotely. Technical specifics are available. Additionally, an exploit exists.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.