Cyber Resilience

CVE-2026-1143

HighPublic PoC

Published: 19 January 2026

Published
19 January 2026
Modified
29 January 2026
KEV Added
Patch
CVSS Score v4 7.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0066 46.6th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-1143 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Totolink A3700R Firmware. Its CVSS base score is 7.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 46.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).

Deeper analysis

CVE-2026-1143 is a buffer overflow vulnerability affecting the TOTOLINK A3700R router on firmware version 9.1.2u.5822_B20200513. The issue lies in the setWiFiEasyGuestCfg function within the /cgi-bin/cstecgi.cgi file, where manipulation of the ssid argument triggers the overflow. Published on 2026-01-19, it is associated with CWEs-119 and CWE-120.

The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating network-based remote exploitation with low complexity and low privileges required, such as an authenticated user, and no user interaction needed. Successful exploitation can result in high impacts to confidentiality, integrity, and availability, potentially allowing remote code execution. A public exploit is available for attacks.

Advisories and details are available at https://lavender-bicycle-a5a.notion.site/TOTOLINK-A3700R-setWiFiEasyGuestCfg-2e353a41781f8057a244ead07d5eaaff?source=copy_link, https://vuldb.com/?ctiid.341735, https://vuldb.com/?id.341735, and https://vuldb.com/?submit.735502, with the vendor site at https://www.totolink.net/.

EU & UK References

Vulnerability details

A weakness has been identified in TOTOLINK A3700R 9.1.2u.5822_B20200513. This affects the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument ssid can lead to buffer overflow. The attack may be launched remotely. The exploit has been…

more

made available to the public and could be used for attacks.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The vulnerability is a buffer overflow in a public-facing router web interface (CGI script) enabling remote code execution with low privileges, directly mapping to exploitation of public-facing applications.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-1328Same vendor: Totolink
CVE-2025-9780Same vendor: Totolink
CVE-2025-7837Same vendor: Totolink
CVE-2025-9303Same vendor: Totolink
CVE-2025-9783Same vendor: Totolink
CVE-2025-12239Same vendor: Totolink
CVE-2025-7758Same vendor: Totolink
CVE-2025-7460Same vendor: Totolink
CVE-2025-8242Same vendor: Totolink
CVE-2026-1156Same vendor: Totolink

Affected Assets

totolink
a3700r firmware
9.1.2u.5822_b20200513

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly remediates the buffer overflow flaw in the setWiFiEasyGuestCfg function by identifying, reporting, and correcting the vulnerability through patching or firmware updates.

prevent

Enforces validation of the ssid argument in the cgi-bin script to prevent buffer overflows from malicious input manipulation.

prevent

Implements memory protections such as DEP or stack canaries to mitigate exploitation of the buffer overflow for remote code execution.

References