| Title | TOTOLINK T6 V4.1.5cu.748_B20211015 Buffer Overflow |
|---|
| Description | TOTOLINK Mesh Wifi T6 router has a buffer overflow vulnerability that lead to RCE. This vulnerability can be triggered through the topicurl `setDiagnosisCfg`. An attacker can implement a RCE attack by sending a malicious HTTP POST request. |
|---|
| Source | ⚠️ https://github.com/AnduinBrian/Public/blob/main/Totolink%20T6/Vuln/3.md |
|---|
| User | reisen_1943 (UID 76990) |
|---|
| Submission | 07/14/2025 11:53 (9 months ago) |
|---|
| Moderation | 07/17/2025 12:43 (3 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 316748 [TOTOLINK T6 up to 4.1.5cu.748_B20211015 HTTP POST Request /cgi-bin/cstecgi.cgi setDiagnosisCfg ip buffer overflow] |
|---|
| Points | 16 |
|---|