CVE-2026-7219
HIGH
7,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: high
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
HIGH
7,2
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: high
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
HIGH
8,3
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: multiple
Confidentiality: complete
Integrity: complete
Availability: complete
Description
AI Translation Available
A flaw has been found in Totolink N300RT 3.4.0-B20250430. This affects an unknown function of the file /boafrm/formIpQoS. Executing a manipulation of the argument entry_name can lead to buffer overflow. The attack may be performed from remote. The exploit has been published and may be used.
119
Improper Restriction of Operations within the Bounds of a Memory Buffer
StableCommon Consequences
Security Scopes Affected:
Integrity
Confidentiality
Availability
Potential Impacts:
Execute Unauthorized Code Or Commands
Modify Memory
Read Memory
Dos: Crash, Exit, Or Restart
Dos: Resource Consumption (Cpu)
Dos: Resource Consumption (Memory)
Applicable Platforms
Languages:
Assembly, C, C++, Memory-Unsafe
120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
IncompleteCommon Consequences
Security Scopes Affected:
Integrity
Confidentiality
Availability
Potential Impacts:
Modify Memory
Execute Unauthorized Code Or Commands
Dos: Crash, Exit, Or Restart
Dos: Resource Consumption (Cpu)
Applicable Platforms
Languages:
Assembly, C, C++, Memory-Unsafe
https://github.com/xiaohaiyang-ai/IoT-Vulnerability-Research/tree/main/Vendors/…
https://vuldb.com/submit/808194
https://vuldb.com/vuln/359819
https://vuldb.com/vuln/359819/cti
https://www.totolink.net/