CVE-2026-1158 | Totolink LR350 9.3.5u.6369_B20220309 POST Request /cgi-bin/cstecgi.cgi setWizardCfg ssid buffer overflow

Inserito da Angelo Barbosa | Gen 18, 2026 | CVE

A vulnerability marked as critical has been reported in Totolink LR350 9.3.5u.6369_B20220309. This vulnerability affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer overflow.

This vulnerability is identified as CVE-2026-1158. The attack can be initiated remotely. Additionally, an exploit exists.

CVE-2026-1158 | Totolink LR350 9.3.5u.6369_B20220309 POST Request /cgi-bin/cstecgi.cgi setWizardCfg ssid buffer overflow

Post correlati

CVE-2025-12224 | Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24 admin/contact.php twitter cross site scripting

CVE-2025-25301 | danielgatis rembg up to 2.0.57 Query Parameter /api/remove server-side request forgery (GHSL-2024-161)

CVE-2023-7131 | code-projects Intern Membership Management System 2.0 User Registration /user_registration/ userName sql injection

CVE-2021-38120 | OpenText NetIQ Advance Authentication up to 6.3.5.0 command injection