TOTOLINK NR1800X
cpe:2.3:h:totolink:nr1800x:*:*:*:*:*:*:*
- V9.1.0u.6681_B20230703
- V9.1.0u.6279_B20210910
A stack overflow vulnerability has been identified in the TOTOLINK NR1800X router, specifically in version V9.1.0u.6681_B20230703. The issue arises in the setWiFiBasicCfg function, where the ssid parameter is processed without proper length validation. This flaw allows authenticated users to send overly long SSID values, leading to a buffer overflow condition.
Exploitation of this vulnerability causes a stack-based buffer overflow, which can potentially be leveraged to execute arbitrary code or cause a denial-of-service condition by crashing the device.
To reproduce this vulnerability, send a POST request to the /cgi-bin/cstecgi.cgi endpoint, including a token in the request headers. The request must contain a JSON payload with an excessively long ssid value, exceeding 128 characters. The absence of length checks in the setWiFiBasicCfg function allows this overflow to occur.
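The missing check described above, sketched as an added example (not TOTOLINK's firmware code, which the page does not show): a setter that rejects any ssid longer than the 32 octets IEEE 802.11 allows before copying it into a fixed buffer. The struct, enum and function names are hypothetical, and the over-length input in main() is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SSID_MAX_LEN 32            /* IEEE 802.11 SSID limit, in octets */

/* Hypothetical config record; the firmware's real layout is not on the page. */
struct wifi_basic_cfg {
    char ssid[SSID_MAX_LEN + 1];   /* +1 for the terminating NUL */
};

enum ssid_status { SSID_OK = 0, SSID_BAD_ARG = -1, SSID_EMPTY = -2,
                   SSID_TOO_LONG = -3, SSID_BAD_BYTE = -4 };

/*
 * Validate a request-supplied ssid and copy it into cfg only if it fits.
 * value/value_len are what a JSON parser would return for the "ssid" key.
 * On any failure cfg is left untouched, so a rejected request changes nothing.
 */
enum ssid_status set_ssid_checked(struct wifi_basic_cfg *cfg,
                                  const char *value, size_t value_len)
{
    if (cfg == NULL || value == NULL)
        return SSID_BAD_ARG;
    if (value_len == 0)
        return SSID_EMPTY;
    if (value_len > SSID_MAX_LEN)          /* the check the advisory says is absent */
        return SSID_TOO_LONG;
    /* An embedded NUL would make later strlen()-based code see a shorter name. */
    if (memchr(value, '\0', value_len) != NULL)
        return SSID_BAD_BYTE;

    memcpy(cfg->ssid, value, value_len);   /* bounded: value_len <= SSID_MAX_LEN */
    cfg->ssid[value_len] = '\0';
    return SSID_OK;
}

int main(void)
{
    struct wifi_basic_cfg cfg = { "default" };
    char oversized[129];                   /* constructed over-length value */
    memset(oversized, 'A', sizeof oversized);

    printf("oversized -> %d\n", (int)set_ssid_checked(&cfg, oversized, sizeof oversized));
    printf("ssid still \"%s\"\n", cfg.ssid);
    return 0;
}
```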