Description

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (setDefResponse function). The binary reads the "IpAddress" parameter from a web request and copies it into a fixed-size stack buffer using strcpy() without any length validation. Maliciously crafted input can overflow the buffer, leading to potential arbitrary code execution or memory corruption, without requiring authentication.

INFO

Published Date :

2025-11-13T00:00:00.000Z

Last Modified :

2025-11-13T17:36:37.203Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-60688 vulnerability.

Vendors Products
Totolink
  • Lr1200gb
  • Nr1800x
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-60688.

URL Resource
http://totolink.com cve-icon cve-icon
https://github.com/yifan20020708/SGTaint-0-day/blob/main/ToToLink/ToToLink-LR1200GB/CVE-2025-60688.md cve-icon cve-icon
https://www.totolink.net/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System