CVE-2026-10187

CRITICAL

Totolink N300RH Web Management wireless.so setWiFiBasicConfig stack-based overflow

Title source: cna

Exploitation Summary

EIP tracks 2 public exploits for CVE-2026-10187. PoCs published by wnaspy, passwa11.

AI-analyzed exploit summary The repository contains functional exploit code for CVE-2026-10187, including payloads for bind shell, command execution, and reverse shell. The presence of multiple payload types and a scanner suggests a comprehensive PoC.

Description

A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used.

Exploits (2)

github WORKING POC

by wnaspy · pythonpoc

https://github.com/wnaspy/CVE-POC-WEAPON/tree/main/CVE-2026-10187.zip

View Code ZIP pw:eip

The repository contains functional exploit code for CVE-2026-10187, including payloads for bind shell, command execution, and reverse shell. The presence of multiple payload types and a scanner suggests a comprehensive PoC.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Unknown (likely a network service or web application)

No auth needed

Prerequisites: Network access to the target · Python environment with dependencies listed in requirements.txt

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Jun 14, 2026 Full analysis →

github WRITEUP

by passwa11 · poc

https://github.com/passwa11/CVE-2026-10187

View Code ZIP pw:eip

This repository contains a detailed technical analysis of a stack-based buffer overflow vulnerability (CVE-2026-10187) in the TOTOLINK N300RH router, specifically in the `setWiFiBasicConfig` handler within `wireless.so`. The writeup includes root cause analysis, affected versions, and a proof-of-concept exploit demonstrating the vulnerability.

Classification

Writeup 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: TOTOLINK N300RH Wireless Router (Firmware V6.1c.1390_B20191101)

No auth needed

Prerequisites: Network access to the target device's web management interface

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Jun 03, 2026 Full analysis →

References (7)

Core 7

Core References

Vdb Entry, Technical Description vdb-entry technical-description

VDB-367468 | Totolink N300RH Web Management wireless.so setWiFiBasicConfig stack-based overflow

https://vuldb.com/vuln/367468

Signature, Permissions Required signature permissions-required

VDB-367468 | CTI Indicators (IOB, IOC, IOA)

https://vuldb.com/vuln/367468/cti

Third Party Advisory third-party-advisory

CVE-2026-10187 | CVE Analysis and Report

https://vuldb.com/cve/CVE-2026-10187

Third Party Advisory third-party-advisory

Submit #819971 | Totolink N300RHv4 V6.1c.1353_B20190305 stack-based buffer overflow

https://vuldb.com/submit/819971

Third Party Advisory third-party-advisory

Submit #820133 | Totolink N300RHv4 V6.1c.1353_B20190305 stack-based buffer overflow (Duplicate)

https://vuldb.com/submit/820133

Exploit exploit

https://wx.mail.qq.com/s?k=iXbjuHnfMwoD0oWW3v

Product product

https://www.totolink.net/

Scores

CVSS v3 9.8

EPSS 0.0068

EPSS Percentile 47.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-119 CWE-121

Status published

Products (1)

Totolink/N300RH 6.1c.1353_B20190305

Published May 31, 2026

Tracked Since May 31, 2026