๐Ÿ” CVE Alert

CVE-2026-15701

CRITICAL 9.8

Totolink NR1800X lighttpd formLogout.htm Form_Logout stack-based overflow

CVSS Score
9.8
EPSS Score
0.8%
EPSS Percentile
52th

A weakness has been identified in Totolink NR1800X 9.1.0u.6279_B20210910. Affected by this issue is the function Form_Logout of the file /formLogout.htm of the component lighttpd. This manipulation of the argument Host causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks.

CWE CWE-121 CWE-119
Vendor totolink
Product nr1800x
Published Jul 14, 2026
Last Updated Jul 15, 2026
Stay Ahead of the Next One

Get instant alerts for totolink nr1800x

Be the first to know when new critical vulnerabilities affecting totolink nr1800x are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

Totolink / NR1800X
9.1.0u.6279_B20210910

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
vuldb.com: https://vuldb.com/vuln/378248 vuldb.com: https://vuldb.com/vuln/378248/cti vuldb.com: https://vuldb.com/cve/CVE-2026-15701 vuldb.com: https://vuldb.com/submit/856136 github.com: https://github.com/fu9-dotom/cve/issues/1 totolink.net: https://www.totolink.net/

Credits

๐Ÿ” fuguang (VulDB User)