CVE-2026-10187
CRITICAL · 9.8 EPSS 0.7%Public exploit claimed but no PoC artifact linked; duplicate social spam masks real signal; no KEV or vendor action yet.
What: Stack-based buffer overflow in Totolik N300RH web management interface (wireless.so setWiFiBasicConfig). CVSS 9.8 critical; remote code execution via malformed KeyStr argument.
Why it matters: NVD states exploit is public. However, CVE not yet KEV-listed. Social chatter is copy-paste alert spam with no PoC links, defender triage questions, or vendor patch updates. Low EPSS (0.41%) and no evidence of active scanning or in-the-wild exploitation. Appears to be early-stage disclosure amplification.
Where it's seen: Repetitive social media alerts (same few posts duplicated); no independent researcher PoCs, no vendor advisory from Totolik, no security firm hunting reports.
RISK: HIGH — Critical CVSS, public exploit, old unmaintained router model, remote unauthenticated access.
Description
A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.
CVSS 3.1 breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H- Attack vector
- Network
- Complexity
- Low
- Privileges required
- None
- User interaction
- None
- Scope
- Unchanged
- Confidentiality
- High
- Integrity
- High
- Availability
- High