CVE-2025-12259 | TOTOLINK A3300R 17.0.0cu.557_B20221024 POST Parameter /cgi-bin/cstecgi.cgi setScheduleCfg recHour stack-based overflow

October 26, 2025 Yanac

A vulnerability was found in TOTOLINK A3300R 17.0.0cu.557_B20221024. It has been classified as critical. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component POST Parameter Handler. This manipulation of the argument recHour causes stack-based buffer overflow.

The identification of this vulnerability is CVE-2025-12259. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.VulDB Recent EntriesRead More