CVE-2026-44089: CWE-121 Stack-based Buffer Overflow in Totolink EX1200L
Totolink EX1200L router is vulnerable to Buffer Overflow in the login functionality in cgi-bin/cstecgi.cgi endpoint. This vulnerability could be exploited to cause the program to crash and to execute code remotely. This allows the attacker to perform actions as root including reading and editing data, as well as bricking the router. Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 9.3.5u.6146_B20201023 but may also affect other versions.
AI Analysis
Technical Summary
CVE-2026-44089 is a stack-based buffer overflow vulnerability (CWE-121) in the Totolink EX1200L router's login functionality via the cgi-bin/cstecgi.cgi endpoint. This vulnerability allows unauthenticated remote attackers to cause a program crash or execute arbitrary code with root privileges. The issue is confirmed in version 9.3.5u.6146_B20201023. No official remediation or patch has been published, and vendor contact attempts have failed. The CVSS 4.0 base score is 9.4, indicating critical severity with high impact on confidentiality, integrity, and availability.
Potential Impact
Successful exploitation results in remote code execution as root, enabling attackers to read and modify data or permanently disable (brick) the router. This compromises the device's confidentiality, integrity, and availability.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or vendor advisory is available and vendor contact attempts have failed, users should consider mitigating exposure by restricting access to the vulnerable endpoint, disabling remote management if possible, or replacing the device with a secure alternative until a patch is released.
CVE-2026-44089: CWE-121 Stack-based Buffer Overflow in Totolink EX1200L
Description
Totolink EX1200L router is vulnerable to Buffer Overflow in the login functionality in cgi-bin/cstecgi.cgi endpoint. This vulnerability could be exploited to cause the program to crash and to execute code remotely. This allows the attacker to perform actions as root including reading and editing data, as well as bricking the router. Because vendor contact attempts were unsuccessful, the vulnerability has only been confirmed in version 9.3.5u.6146_B20201023 but may also affect other versions.
CVSS v4.0
Score 9.4critical
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-44089 is a stack-based buffer overflow vulnerability (CWE-121) in the Totolink EX1200L router's login functionality via the cgi-bin/cstecgi.cgi endpoint. This vulnerability allows unauthenticated remote attackers to cause a program crash or execute arbitrary code with root privileges. The issue is confirmed in version 9.3.5u.6146_B20201023. No official remediation or patch has been published, and vendor contact attempts have failed. The CVSS 4.0 base score is 9.4, indicating critical severity with high impact on confidentiality, integrity, and availability.
Potential Impact
Successful exploitation results in remote code execution as root, enabling attackers to read and modify data or permanently disable (brick) the router. This compromises the device's confidentiality, integrity, and availability.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official fix or vendor advisory is available and vendor contact attempts have failed, users should consider mitigating exposure by restricting access to the vulnerable endpoint, disabling remote management if possible, or replacing the device with a secure alternative until a patch is released.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- CERT-PL
- Date Reserved
- 2026-05-05T09:40:05.100Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a3a81fdeed863c81e009c3d
Added to database: 06/23/2026, 12:54:21 UTC
Last enriched: 06/23/2026, 13:09:23 UTC
Last updated: 06/23/2026, 14:13:46 UTC
Views: 57
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.