Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.9
CVE-2026-7747: Totolink N300RH Router Password Buffer Overflow Risk
CVE-2026-7747
Summary
A security flaw in the Totolink N300RH router's password system can be exploited by hackers to gain unauthorized access. This can happen if an attacker sends a malicious password to the router. To protect your network, update your router's software to the latest version.
Original title
A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler....
Original description
A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument Password results in buffer overflow. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
nvd CVSS2.0
10.0
nvd CVSS3.1
9.8
nvd CVSS4.0
8.9
Vulnerability type
CWE-119
Buffer Overflow
CWE-120
Classic Buffer Overflow
Published: 4 May 2026 · Updated: 30 May 2026 · First seen: 4 May 2026