TOTOLINK WA1200 NULL Pointer Dereference Vulnerability in cstecgi.cgi Affected Products TOTOLINK WA1200-PoE Firmware V5.9c.2914 Download Address Firmware Download Link Details A NULL pointer dereference vulnerability exists in the CGI program of the affected TOTOLINK WA1200-PoE firmware. The vulnerability can be triggered by sending a crafted HTTP request to the endpoint. Root Cause The root cause is missing NULL pointer validation after a failed backend request. When the backend service fails, the response pointer remains NULL, leading to a NULL pointer dereference. Reachability The vulnerability is reachable remotely through the web management interface. An attacker can trigger it by sending a crafted HTTP request containing the parameter. No authentication is required. PoC The proof-of-concept demonstrates triggering the vulnerability in a QEMU emulated environment. When the backend service is unreachable, the CGI process crashes due to a NULL pointer dereference. Example request: