CVE-2026-5676

A vulnerability was identified in Totolink A8000R 5.9c.681B20180413. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument langType leads to missing authentication. The attack can be launched remotely. The exploit is publicly available...

EUVD-2026-19434

A vulnerability was identified in Totolink A8000R 5.9c.681B20180413. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument langType leads to missing authentication. The attack can be launched remotely. The exploit is publicly available...

CVE-2025-12241 TOTOLINK A3300R POST Parameter cstecgi.cgi setLanguageCfg stack-based overflow

A vulnerability was detected in TOTOLINK A3300R 17.0.0cu.557B20221024. This impacts the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. The manipulation of the argument lang results in stack-based buffer overflow. It is possible to launch the atta...

The vulnerability of the setLanguageCfg() function in TOTOLINK EX200 router microprogramming software allows a intruder to execute arbitrary commands.

The vulnerability of the setLanguageCfg function in TOTOLINK EX200 router microprogramming software lies in the lack of measures taken to clean up data at the control level when processing the langType parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

TOTOLINK EX1200L 安全漏洞

The TOTOLINK EX1200L is a wireless repeater from China's Gion Electronics TOTOLINK. The TOTOLINK EX1200L suffers from a stack buffer overflow vulnerability that originates from the parameter langType of the setLanguageCfg function of the file /www/cgi-bin/cstecgi.cgi, which can lead to a...

CVE-2024-34203

TOTOLINK CP450 v4.1.0cu.747B20191224 was discovered to contain a stack buffer overflow vulnerability in the setLanguageCfg function...

PT-2024-25738 · Totolink · Totolink Cp450

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: A stack buffer overflow issue was found in the setLanguageCfg function, which can be exploited. Recommendations: For TOTOLINK CP450 version 4.1.0cu.747 B20191224, consider disabling th...

TOTOLINK A3700R 安全漏洞

The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3700R suffers from a buffer overflow vulnerability that stems from the setLanguageCfg method failing to properly validate the length and size of the input data, which can be exploited by an attacker to...

The vulnerability of the setLanguageCfg() function (/cgi-bin/cstecgi.cgi) in the Totolink LR1200GB router software allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability of the setLanguageCfg function /cgi-bin/cstecgi.cgi of the Totolink LR1200GB router software lies in the fact that the operation is carried out outside the buffer in memory when processing the lang parameter. Exploiting this vulnerability allows an attacker to execute arbitrary...

PT-2023-31738 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue allows for unauthorized arbitrary command execution. This is achieved through the langFlag parameter of the "setLanguageCfg" interface in the "cstecgi.cgi" endpoint...

CVE-2023-45984

TOTOLINK X5000R V9.1.0u.6118B20201102 and TOTOLINK A7000R V9.1.0u.6115B20201022 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg...

CVE-2023-39617

TOTOLINK X5000RV9.1.0cu.2089B20211224 and X5000RV9.1.0cu.2350B20230313 were discovered to contain a remote code execution RCE vulnerability via the lang parameter in the setLanguageCfg function...

PT-2022-27155 · Totolink · Totolink Lr350

Name of the Vulnerable Software and Affected Versions: TOTOLINK LR350 version 9.3.5u.6369 B20220309 Description: The issue is a post-authentication buffer overflow that occurs via the lang parameter in the setLanguageCfg function. This allows for potential exploitation after authentication has be...

TOTOLINK N350RT 缓冲区错误漏洞

The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. A buffer error vulnerability exists in the TOTOLINK N350RT version V9.3.5u.6139B20201216, which stems from a lang parameter command injection issue in the setLanguageCfg method...