Ghostwire

CVE-2026-7717: A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. This issue affects the function...

HIGH CVSS 8.8

Published: May 4, 2026 | Last Modified: May 4, 2026

Description

A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument File can lead to buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

Ghostwire Analysis — What This Means Practically

High CVSS score indicates significant risk — exploitation could lead to substantial data exposure or system compromise.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (1 articles)

References

lavender-bicycle-a5a.notion.site/TOTOLINK-WA300-UploadCustomModule-34553a41781f8
vuldb.com/submit/807193
vuldb.com/vuln/360893
vuldb.com/vuln/360893/cti
www.totolink.net/
www.tenable.com/cve/CVE-2026-7717
www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2026-7717
nvd.nist.gov/vuln/detail/CVE-2026-7717