CVE-2025-60694
Last modified
CVE-2025-60694 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. A stack-based buffer overflow exists in the validate_static_route function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The function improperly concatenates user-supplied CGI parameters (route_ipaddr_0~3, route_netmask_0~3, route_gateway_0~3) into fixed-size buffers (v6, v10, v14) without proper bounds checking. EPSS estimates a 1.26% chance of exploitation in the next 30 days.
Description
A stack-based buffer overflow exists in the validate_static_route function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The function improperly concatenates user-supplied CGI parameters (route_ipaddr_0~3, route_netmask_0~3, route_gateway_0~3) into fixed-size buffers (v6, v10, v14) without proper bounds checking. Remote attackers can exploit this vulnerability via specially crafted HTTP requests to execute arbitrary code or cause denial of service without authentication.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Linksys | E1200 Firmware | 2.0.11.001 |
References
- http://linksys.comProduct
- https://github.com/yifan20020708/SGTaint-0-day/blob/main/Linksys/Linksys-E1200/CVE-2025-60694.mdExploit, Third Party Advisory
- https://www.linksys.com/Product
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-60694?
How severe is CVE-2025-60694?
How do I fix CVE-2025-60694?
Are you affected by CVE-2025-60694?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST