CVE-2026-6194: Stack-based Buffer Overflow in Totolink A3002MU
A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub_410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. This manipulation of the argument wan-url causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.
AI Analysis
Technical Summary
The Totolink A3002MU router firmware version B20211125.1046 contains a stack-based buffer overflow vulnerability (CVE-2026-6194) in the HTTP Request Handler component. The issue arises from improper handling of the wan-url argument in the function sub_410188 located in /boafrm/formWlanSetup. This flaw can be remotely exploited without user interaction or privileges, allowing an attacker to overflow the stack buffer. The vulnerability has a CVSS 4.0 base score of 8.7, indicating high severity. Although a public exploit is available, there is no vendor-provided patch or official remediation information currently. The device is not a cloud service, so remediation depends on vendor firmware updates.
Potential Impact
Successful exploitation of this vulnerability can lead to a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code or cause a denial of service on affected Totolink A3002MU devices running firmware B20211125.1046. The vulnerability is remotely exploitable without authentication or user interaction, increasing the risk. However, no confirmed active exploitation in the wild has been reported so far.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official patch or fix has been provided by Totolink, users should monitor for firmware updates addressing this vulnerability. Until a fix is available, consider restricting access to the device's management interface from untrusted networks to reduce exposure.
CVE-2026-6194: Stack-based Buffer Overflow in Totolink A3002MU
Description
A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub_410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. This manipulation of the argument wan-url causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Totolink A3002MU router firmware version B20211125.1046 contains a stack-based buffer overflow vulnerability (CVE-2026-6194) in the HTTP Request Handler component. The issue arises from improper handling of the wan-url argument in the function sub_410188 located in /boafrm/formWlanSetup. This flaw can be remotely exploited without user interaction or privileges, allowing an attacker to overflow the stack buffer. The vulnerability has a CVSS 4.0 base score of 8.7, indicating high severity. Although a public exploit is available, there is no vendor-provided patch or official remediation information currently. The device is not a cloud service, so remediation depends on vendor firmware updates.
Potential Impact
Successful exploitation of this vulnerability can lead to a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code or cause a denial of service on affected Totolink A3002MU devices running firmware B20211125.1046. The vulnerability is remotely exploitable without authentication or user interaction, increasing the risk. However, no confirmed active exploitation in the wild has been reported so far.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official patch or fix has been provided by Totolink, users should monitor for firmware updates addressing this vulnerability. Until a fix is available, consider restricting access to the device's management interface from untrusted networks to reduce exposure.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-04-13T08:43:38.208Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69dd44ab82d89c981f46e10c
Added to database: 4/13/2026, 7:31:55 PM
Last enriched: 4/13/2026, 7:46:51 PM
Last updated: 4/15/2026, 7:40:16 PM
Views: 19
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.