Details of VAR-202511-1324

ID

VAR-202511-1324

CVE

CVE-2025-60686

TITLE

plural TOTOLINK Stack-based buffer overflow vulnerability in products

Trust: 0.8

sources: JVNDB: JVNDB-2025-019636

DESCRIPTION

A local stack-based buffer overflow vulnerability exists in the infostat.cgi and cstecgi.cgi binaries of ToToLink routers (A720R V4.1.5cu.614_B20230630, LR1200GB V9.1.0u.6619_B20230130, and NR1800X V9.1.0u.6681_B20230703). Both programs parse the contents of /proc/net/arp using sscanf() with "%s" format specifiers into fixed-size stack buffers without length validation. Specifically, one function writes user-controlled data into a single-byte buffer, and the other into adjacent small arrays without bounds checking. An attacker who controls the contents of /proc/net/arp can trigger memory corruption, leading to denial of service or potential arbitrary code execution

Trust: 1.62

sources: NVD: CVE-2025-60686 // JVNDB: JVNDB-2025-019636

AFFECTED PRODUCTS

vendor:	totolink	model:	a720r	scope:	eq	version:	4.1.5cu.614_b20230630	Trust: 1.0
vendor:	totolink	model:	lr1200gb	scope:	eq	version:	9.1.0u.6619_b20230130	Trust: 1.0
vendor:	totolink	model:	nr1800x	scope:	eq	version:	9.1.0u.6681_b20230703	Trust: 1.0
vendor:	totolink	model:	a720r	scope:	-	version:	-	Trust: 0.8
vendor:	totolink	model:	lr1200gb	scope:	-	version:	-	Trust: 0.8
vendor:	totolink	model:	nr1800x	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2025-019636 // NVD: CVE-2025-60686

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2025-60686
value:	MEDIUM
Trust: 1.0
OTHER:	JVNDB-2025-019636
value:	MEDIUM
Trust: 0.8

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2025-60686
baseSeverity:	MEDIUM
baseScore:	5.1
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	2.5
impactScore:	2.5
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2025-019636
baseSeverity:	MEDIUM
baseScore:	5.1
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2025-019636 // NVD: CVE-2025-60686

PROBLEMTYPE DATA

problemtype:	CWE-121	Trust: 1.0
problemtype:	Stack-based buffer overflow (CWE-121) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-019636 // NVD: CVE-2025-60686

EXTERNAL IDS

db:	NVD	id:	CVE-2025-60686	Trust: 2.6
db:	JVNDB	id:	JVNDB-2025-019636	Trust: 0.8

sources: JVNDB: JVNDB-2025-019636 // NVD: CVE-2025-60686

REFERENCES

url:	https://github.com/yifan20020708/sgtaint-0-day/blob/main/totolink/totolink-a720r/cve-2025-60686.md	Trust: 1.8
url:	https://www.totolink.net/	Trust: 1.8
url:	http://totolink.com	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-60686	Trust: 0.8

sources: JVNDB: JVNDB-2025-019636 // NVD: CVE-2025-60686

SOURCES

db:	JVNDB	id:	JVNDB-2025-019636
db:	NVD	id:	CVE-2025-60686

LAST UPDATE DATE

2025-11-22T23:11:58.945000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2025-019636	date:	2025-11-21T05:53:00
db:	NVD	id:	CVE-2025-60686	date:	2025-11-19T17:41:28.740

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2025-019636	date:	2025-11-21T00:00:00
db:	NVD	id:	CVE-2025-60686	date:	2025-11-13T16:15:52.590