CVE-2026-6157 | Totolink A800R 4.1.2cu.5137_B20200730 /lib/cste_modules/app.so setAppEasyWizardConfig apcliSsid buffer overflow

Inserito da Angelo Barbosa | Apr 12, 2026 | CVE

A vulnerability categorized as critical has been discovered in Totolink A800R 4.1.2cu.5137_B20200730. This impacts the function setAppEasyWizardConfig in the library /lib/cste_modules/app.so. The manipulation of the argument apcliSsid results in buffer overflow.

This vulnerability is identified as CVE-2026-6157. The attack can be executed remotely. Additionally, an exploit exists.

CVE-2026-6157 | Totolink A800R 4.1.2cu.5137_B20200730 /lib/cste_modules/app.so setAppEasyWizardConfig apcliSsid buffer overflow

Post correlati

CVE-2024-23304 | Cybozu KUNAI 3.0.20/3.0.21 on Android denial of service

CVE-2025-43557 | Adobe Animate up to 23.0.11/24.0.8 uninitialized pointer (apsb25-42)

CVE-2024-25128 | dpgaspar Flask-AppBuilder up to 4.3.10 OpenID Service improper authentication

CVE-2025-38624 | Linux Kernel up to 6.1.147/6.6.101/6.12.41/6.15.9/6.16.0 kernel/irq/msi.c pci_hp_remove_devices denial of service