Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.9
CVE-2026-10187: Totolink N300RH Web Interface WiFi Settings Vulnerability
CVE-2026-10187
Summary
A hacker can exploit a weakness in the WiFi settings of Totolink N300RH's web interface, potentially allowing them to remotely take control of the device. This is a serious risk because it allows attackers to access the device without being physically present. Users should update their Totolink N300RH firmware to the latest version to fix this issue.
Original title
A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Per...
Original description
A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.
nvd CVSS2.0
10.0
nvd CVSS3.1
9.8
nvd CVSS4.0
8.9
Vulnerability type
CWE-119
Buffer Overflow
CWE-121
Stack-based Buffer Overflow
Published: 31 May 2026 · Updated: 31 May 2026 · First seen: 31 May 2026