CVE-2025-11444 | TOTOLINK N600R up to 4.3.0cu.7866_B20220506 HTTP Request /cgi-bin/cstecgi.cgi setWiFiBasicConfig wepkey buffer overflow

Inserito da Angelo Barbosa | Ott 7, 2025 | CVE

A vulnerability was found in TOTOLINK N600R up to 4.3.0cu.7866_B20220506 and classified as critical. This impacts the function setWiFiBasicConfig of the file /cgi-bin/cstecgi.cgi of the component HTTP Request Handler. Such manipulation of the argument wepkey leads to buffer overflow.

This vulnerability is referenced as CVE-2025-11444. It is possible to launch the attack remotely. Furthermore, an exploit is available.

CVE-2025-11444 | TOTOLINK N600R up to 4.3.0cu.7866_B20220506 HTTP Request /cgi-bin/cstecgi.cgi setWiFiBasicConfig wepkey buffer overflow

Post correlati

CVE-2024-47388 | SliceWP Plugin up to 1.1.18 on WordPress cross site scripting

CVE-2024-33273 | shipup up to 3.2.x getShopID sql injection

CVE-2023-6373 | ArtPlacer Widget Plugin up to 2.20.6 on WordPress sql injection

CVE-2024-48241 | radare2 up to 5.9.4 __bf_div denial of service (Issue 23317)