Platform: linux
Component: totolink-a7000r
Fixed in: 9.1.1
CVE-2026-6168 describes a stack-based buffer overflow in the TOTOLINK A7000R router, specifically within the setWiFiEasyGuestCfg function of the /cgi-bin/cstecgi.cgi file. Successful exploitation may allow a remote attacker to cause a denial of service or execute arbitrary code. This vulnerability affects versions 9.1.0u.6115 through 9.1.0u.6115, and a patch is available to mitigate the risk.
A critical vulnerability has been identified in the TOTOLINK A7000R router, affecting versions up to 9.1.0u.6115 (CVE-2026-6168). This vulnerability, rated with a CVSS score of 8.8, is a stack-based buffer overflow within the setWiFiEasyGuestCfg function of the /cgi-bin/cstecgi.cgi file. A remote attacker can exploit this flaw by sending malicious data to the ssid5g parameter, potentially leading to arbitrary code execution on the device and compromising network security. The public release of a functional exploit significantly increases the risk of real-world attacks. The severity of this vulnerability necessitates immediate attention, especially for users relying on this router to protect their data and devices.
The CVE-2026-6168 vulnerability lies in how the TOTOLINK A7000R router handles user input for the ssid5g parameter in the guest network configuration. An attacker can send an excessively long or specially crafted input string to this parameter, causing a buffer overflow in the router's memory. This overflow can overwrite critical data, including the function return address, allowing the attacker to execute malicious code. The public availability of a functional exploit facilitates the exploitation of this vulnerability by attackers with varying levels of technical skill, increasing the risk of targeted attacks against TOTOLINK A7000R devices.
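As an added illustration, not code from the page, from TOTOLINK, or from the affected firmware (whose source is not shown here), the C handler below shows how a guest-network SSID parameter such as ssid5g can be length-checked before it is copied into a fixed-size stack buffer. The 32-octet limit is the 802.11 SSID maximum; the query-string format and the function names are assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* 802.11 limits an SSID to 32 octets. The firmware's real buffer size is
 * not on the page, so this standards-based bound is the one enforced here. */
#define SSID_MAX_LEN 32

/* Copy the value of `key` (e.g. "ssid5g") out of a "k=v&k2=v2" query string
 * into `out`, refusing anything that would not fit in `out_len - 1` bytes.
 * Returns the value length, -1 if the key is absent, -2 if the value is
 * over-long. Nothing is written to `out` on failure.
 * (Illustrative code: no URL-decoding is performed.) */
int get_bounded_param(const char *query, const char *key,
                      char *out, size_t out_len)
{
    size_t klen = strlen(key);
    const char *p = query;

    while (p && *p) {
        const char *end = strchr(p, '&');
        size_t seg_len = end ? (size_t)(end - p) : strlen(p);

        /* Match "key=" exactly, so "ssid5gx=..." does not match "ssid5g". */
        if (seg_len > klen && strncmp(p, key, klen) == 0 && p[klen] == '=') {
            const char *val = p + klen + 1;
            size_t vlen = seg_len - klen - 1;
            if (vlen >= out_len)       /* no room for value plus NUL terminator */
                return -2;
            memcpy(out, val, vlen);    /* bounded copy: vlen < out_len */
            out[vlen] = '\0';
            return (int)vlen;
        }
        p = end ? end + 1 : NULL;
    }
    return -1;
}

/* Hardened handling of the 5 GHz guest SSID (hypothetical handler name):
 * the value is validated against the fixed-size stack buffer before any use. */
int set_guest_ssid5g(const char *query)
{
    char ssid[SSID_MAX_LEN + 1];       /* fixed-size stack buffer */
    int n = get_bounded_param(query, "ssid5g", ssid, sizeof ssid);
    if (n <= 0)                        /* absent, empty, or over-long: reject */
        return -1;
    /* ... apply `ssid` to the guest interface here ... */
    return n;
}
```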
Exploit Status
EPSS: 0.09% (25th percentile)
CISA SSVC
Currently, no official fix has been provided by TOTOLINK for this vulnerability. The most effective mitigation is to avoid using the TOTOLINK A7000R router until a firmware update is released. As a temporary measure, it is recommended to isolate the router from the network, disable the guest function (if enabled), and monitor network traffic for suspicious activity. Users are advised to contact TOTOLINK directly to request an update and to stay informed about the status of the fix. Network security depends on proactive measures and timely device updates.
Update the TOTOLINK A7000R router firmware to a version later than 9.1.0u.6115 to mitigate the risk of a stack-based buffer overflow. Consult the official TOTOLINK website for the latest updates and installation instructions.
CVE-2026-6168 is the unique identifier for this vulnerability, used to track and reference it.
A buffer overflow is a programming error that occurs when a program writes data beyond the boundaries of a reserved memory area.
Stop using the router until TOTOLINK releases a firmware update. Isolate the router from your network as a temporary measure.
Consult the TOTOLINK website or reputable cybersecurity sources for updates.
Disabling the guest function and monitoring network traffic can help mitigate the risk.