CVE-2025-60699

MEDIUM EPSS 50.3%
Published Nov 13, 2025 (7mo ago) · Modified Jun 17, 2026 (2w ago)
6.5 CVSS 3.1
Medium

Description

A buffer overflow vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c.4592_B20191022_ALL within the `global.so` binary. The `getSaveConfig` function retrieves the `http_host` parameter from user input via `websGetVar` and copies it into a fixed-size stack buffer (`v13`) using `strcpy()` without performing any length checks. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted HTTP request to the router's web interface, potentially leading to arbitrary code execution.
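As an added illustration (this is not code from the TOTOLINK firmware or from the linked advisory; `copy_host_unchecked`, `copy_host_bounded` and `HOST_BUF_SIZE` are placeholder names and sizes chosen here), the pattern the description names, an unbounded `strcpy()` of a request parameter into a fixed-size stack buffer, is shown next to a bounded copy that rejects oversized input instead of silently truncating it:

```c
/* Illustrative example of the CWE-121 pattern described above and a bounded
 * replacement. Not firmware code; names and the buffer size are assumptions. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define HOST_BUF_SIZE 64  /* assumed fixed buffer size, not taken from the firmware */

/* Vulnerable pattern: the value of an HTTP parameter is copied into a
 * fixed-size stack buffer with no length check. Any input longer than
 * HOST_BUF_SIZE - 1 bytes writes past the end of the buffer. Shown only
 * for comparison; never call it with untrusted input. */
size_t copy_host_unchecked(const char *http_host)
{
    char host[HOST_BUF_SIZE];
    strcpy(host, http_host);   /* no bound: stack overflow on long input */
    return strlen(host);
}

/* Hardened replacement: the caller supplies the destination and its size,
 * the copy is refused when the value would not fit (a truncated host name
 * would silently change meaning), and the result is always NUL-terminated.
 * Returns 0 on success and -1 on rejection, leaving dst empty. */
int copy_host_bounded(char *dst, size_t dst_size, const char *http_host)
{
    if (dst == NULL || dst_size == 0)
        return -1;
    dst[0] = '\0';
    if (http_host == NULL)
        return -1;

    /* strnlen never scans beyond dst_size bytes, so an over-long or
     * unterminated value cannot cause an unbounded read here either. */
    size_t len = strnlen(http_host, dst_size);
    if (len >= dst_size)        /* equal means no room left for the NUL */
        return -1;

    memcpy(dst, http_host, len);
    dst[len] = '\0';
    return 0;
}

int main(void)
{
    char host[HOST_BUF_SIZE];
    /* Constructed sample inputs: one that fits, one far larger than the buffer. */
    const char *ok_value = "router.lan";
    char long_value[200];
    memset(long_value, 'A', sizeof long_value - 1);
    long_value[sizeof long_value - 1] = '\0';

    printf("short value: %s\n", copy_host_bounded(host, sizeof host, ok_value) == 0 ? "accepted" : "rejected");
    printf("long value:  %s\n", copy_host_bounded(host, sizeof host, long_value) == 0 ? "accepted" : "rejected");
    return 0;
}
```

The important design choice is in the return value: the bounded version turns an overflow into an explicit error the caller can log and answer with an HTTP 4xx, which is also the event a defender would want to see in web-server logs from such devices.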

CVSS Details

Base Score
6.5
Exploitability
3.9
Impact
2.5
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Low
Availability Low

Threat Intelligence

EPSS Exploit Probability
50.3% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-121

Affected Products 2

Vendor     Product            Version               Range
totolink   a950rg_firmware    5.9c.4592_b20191022   any
totolink   a950rg             *                     any

References 3

  • github.com https://github.com/yifan20020708/SGTaint-0-day/blob/main/ToToLink/ToToLink-A950RG/2.md
    Broken Link
  • github.com https://github.com/yifan20020708/SGTaint-0-day/blob/main/ToToLink/ToToLink-A950RG/CVE-2025-60699.md
    Exploit, Third Party Advisory
  • totolink.net https://www.totolink.net/
    Product

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.