CVE-2026-26731

CVSS v3.1

8.8

High

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TOTOLINK A3002RU version 2.1.1-B20211108.1455

Description A stack-based buffer overflow exists due to the routernamer parameter within the formDnsv6 function. The issue is present in TOTOLINK A3002RU version 2.1.1-B20211108.1455. The vulnerable parameter is routernamer.

Recommendations Update TOTOLINK A3002RU to a version newer than 2.1.1-B20211108.1455. As a temporary workaround, restrict or disable the use of the formDnsv6 function.

Exploit

Fix

Stack Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121CWE-787

Related Identifiers

CVE-2026-26731

Affected Products

Totolink A3002Ru

CVE-2026-26731

Weakness Enumeration

Related Identifiers

Affected Products

References · 10