JackWesleyy

4 exploits Active since Dec 2025
CVE-2026-0731 WRITEUP MEDIUM WRITEUP
Totolink Wa1200-poe - NULL Pointer Dereference
A vulnerability has been found in TOTOLINK WA1200 5.9c.2914. The impacted element is an unknown function of the file cstecgi.cgi of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
CVSS 5.3
CVE-2025-14964 WRITEUP CRITICAL WRITEUP
Totolink T10 Firmware - Memory Corruption
A vulnerability has been found in TOTOLINK T10 4.1.8cu.5083_B20200521. This affects the function sprintf of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument loginAuthUrl leads to stack-based buffer overflow. The attack may be performed from remote.
CVSS 9.8
CVE-2026-0641 WRITEUP MEDIUM WRITEUP
Totolink Wa300 Firmware - Command Injection
A security vulnerability has been detected in TOTOLINK WA300 5.2cu.7112_B20190227. This vulnerability affects the function sub_401510 of the file cstecgi.cgi. The manipulation of the argument UPLOAD_FILENAME leads to command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
CVSS 6.3
CVE-2026-0731 WRITEUP MEDIUM WRITEUP
Totolink Wa1200-poe - NULL Pointer Dereference
A vulnerability has been found in TOTOLINK WA1200 5.9c.2914. The impacted element is an unknown function of the file cstecgi.cgi of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
CVSS 5.3