๐Ÿ” CVE Alert

CVE-2025-60688

MEDIUM 6.5
CVSS Score
6.5
EPSS Score
0.0%
EPSS Percentile
0th

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (setDefResponse function). The binary reads the "IpAddress" parameter from a web request and copies it into a fixed-size stack buffer using strcpy() without any length validation. Maliciously crafted input can overflow the buffer, leading to potential arbitrary code execution or memory corruption, without requiring authentication.

Vendor n/a
Product n/a
Published Nov 13, 2025
Last Updated Jul 5, 2026
Stay Ahead of the Next One

Get instant alerts for n/a n/a

Be the first to know when new medium vulnerabilities affecting n/a n/a are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

n/a / n/a
n/a

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
totolink.net: https://www.totolink.net/ github.com: https://github.com/yifan20020708/SGTaint-0-day/blob/main/ToToLink/ToToLink-LR1200GB/CVE-2025-60688.md