TopVuln

High-risk vulnerability digests

CVE-2026-7218

  • HIGH

Totolink N300RT libapmib.so formWsc is_cmd_string_valid buffer overflow

Details

CVSS v3: 7.2
CVSS v4: 8.6
CVSS v2: 8.3
EPSS: <0.1% probability · 25.8th percentile (2026-05-12)
Affected versions: Totolink N300RT firmware 3.4.0-B20250430
Summary
This is a remotely exploitable buffer overflow vulnerability in Totolink N300RT wireless routers. The flaw exists in the is_cmd_string_valid function of libapmib.so in the formWsc component. Manipulation of the localPin parameter can trigger the buffer overflow remotely. A successful exploit can lead to arbitrary code execution on the affected router.
Remediation
Install the latest official firmware update from Totolink for the N300RT model as soon as it is available. Restrict public access to the router's management interface if a patch is not yet available. Monitor for unauthorized activity on affected devices.
Exploit info
An exploit for this issue has been publicly disclosed, and the issue is referenced in trusted public vulnerability databases. Exploit-DB or GitHub may carry further exploit details.

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.