CVE-2026-1155
Remote Buffer Overflow in Totolink LR350 setWiFiEasyGuestCfg
Publication date: 2026-01-19
Last updated on: 2026-01-19
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| totolink | lr350 | 9.3.5u.6369_b20220309 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-119 | The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. |
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-1155 is a critical buffer overflow vulnerability in the Totolink LR350 router firmware version 9.3.5u.6369_B20220309. It occurs in the function setWiFiEasyGuestCfg within the /cgi-bin/cstecgi.cgi file. The vulnerability arises because the 'ssid' argument is processed without proper bounds checking, leading to a stack-based buffer overflow when a specially crafted SSID input is sent. This flaw allows remote attackers to exploit the device by sending malicious input to the wireless configuration interface. [1, 2]
How can this vulnerability impact me? :
This vulnerability can be exploited remotely with low attack complexity, potentially allowing attackers to compromise the confidentiality, integrity, and availability of the affected Totolink LR350 router. Exploitation could lead to unauthorized control over the device, disruption of network services, or leakage of sensitive information. Since no known mitigations or patches are available, the risk remains until the device is replaced or updated. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring or testing the /cgi-bin/cstecgi.cgi endpoint for the setWiFiEasyGuestCfg function with crafted SSID inputs that may trigger a buffer overflow. Since the exploit involves sending a specially crafted SSID parameter remotely, detection could involve inspecting HTTP requests to this endpoint for unusually long or malformed SSID parameters. Specific commands are not provided in the resources, but network monitoring tools or custom scripts to detect or send such crafted requests could be used. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected Totolink LR350 router firmware version 9.3.5u.6369_B20220309 with a non-vulnerable version or a different product, as no official vendor patch or countermeasure is currently available. Avoid exposing the device's management interface to untrusted networks and restrict remote access to reduce exploitation risk. [2]