CVE-2025-12260 | TOTOLINK A3300R 17.0.0cu.557_B20221024 POST Parameter /cgi-bin/cstecgi.cgi setSyslogCfg enable stack-based overflow

October 26, 2025 Yanac

A vulnerability was found in TOTOLINK A3300R 17.0.0cu.557_B20221024. It has been declared as critical. The impacted element is the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. Such manipulation of the argument enable leads to stack-based buffer overflow.

This vulnerability is referenced as CVE-2025-12260. It is possible to launch the attack remotely. Furthermore, an exploit is available.VulDB Recent EntriesRead More