Primary

Context

Totolink N600R Stack Overflow Vulnerability in setWanConfig Function

Vulnerability

A stack overflow vulnerability has been identified in the Totolink N600R router, specifically in version 4.3.0cu.7647_B20210106. The issue arises in the setWanConfig function, where the macCloneMac parameter can be manipulated to cause a buffer overflow by exploiting a string concatenation operation.

Impact

Exploitation of this vulnerability leads to a stack overflow, which can potentially be used to execute arbitrary code or cause a denial-of-service condition by crashing the device.

Reproduction

The vulnerability can be reproduced by sending a crafted JSON payload to the cstecgi.cgi script in the router's CGI-bin directory. The payload must include a macCloneMac value that exceeds the buffer size, triggering the overflow. This can be done using a QEMU command that simulates the router environment.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

9.1

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Totolink N600R Stack Overflow Vulnerability in setWanConfig Function

Vulnerability

Impact

Reproduction

Affected Products

Totolink N600R

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating