PT-2025-46856 · Totolink · Totolink Lr1200Gb+2

Published 2025-10-09 · Updated 2025-11-13 · CVE-2025-60686

CVSS v3.1: 5.1 (Medium)
Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Name of the Vulnerable Software and Affected Versions

TOTOLINK A720R versions prior to 4.1.5cu.614 B20230630
TOTOLINK LR1200GB versions prior to 9.1.0u.6619 B20230130
TOTOLINK NR1800X versions prior to 9.1.0u.6681 B20230703

Description

A stack-based buffer overflow exists in the infostat.cgi and cstecgi.cgi binaries of TOTOLINK routers. The programs parse the contents of /proc/net/arp using the sscanf() function with the "%s" format specifier into fixed-size stack buffers without validating the length of the input. One function writes user-controlled data into a single-byte buffer, while another writes into adjacent small arrays without bounds checking. An attacker controlling the contents of /proc/net/arp can trigger memory corruption, potentially leading to denial of service or arbitrary code execution.

Recommendations

TOTOLINK A720R versions prior to 4.1.5cu.614 B20230630 should be updated.
TOTOLINK LR1200GB versions prior to 9.1.0u.6619 B20230130 should be updated.
TOTOLINK NR1800X versions prior to 9.1.0u.6681 B20230703 should be updated.
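The weakness described above is the classic unbounded "%s" conversion: sscanf() copies a whitespace-delimited token of any length into a stack buffer of fixed size. The following parser is an added example written for this advisory; it is not code from TOTOLINK's firmware, and the field sizes, the struct layout and the sample ARP table are assumptions constructed here. It shows the hardened form of the same operation: every "%s" carries a width derived from its destination buffer, the temporaries are one byte larger than the target fields so an over-long token is captured rather than silently truncated, and any field that would not fit is rejected instead of written.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Column sizes for /proc/net/arp fields (assumed for this example). */
#define IP_LEN    16   /* "255.255.255.255" plus NUL */
#define MAC_LEN   18   /* "aa:bb:cc:dd:ee:ff" plus NUL */
#define MASK_LEN   8
#define DEV_LEN   16   /* IFNAMSIZ */
#define LINE_MAX_LEN 256

/* Stringify a size so the scanf width stays in sync with the buffer it guards. */
#define STR_(x) #x
#define STR(x) STR_(x)

struct arp_entry {
    char ip[IP_LEN];
    unsigned hw_type;
    unsigned flags;
    char mac[MAC_LEN];
    char mask[MASK_LEN];
    char dev[DEV_LEN];
};

/* Copy a scanned token into its fixed field; refuse it if it would not fit. */
static bool copy_field(char *dst, size_t dst_len, const char *src)
{
    size_t n = strlen(src);
    if (n >= dst_len)
        return false;
    memcpy(dst, src, n + 1);
    return true;
}

/* Parse one data line of /proc/net/arp. Returns true only when all six
 * columns are present and every string column fits its destination. */
bool parse_arp_line(const char *line, struct arp_entry *e)
{
    /* One byte larger than the fields: a token exactly one character too
     * long is still read in full, so the length check below catches it. */
    char ip[IP_LEN + 1], mac[MAC_LEN + 1], mask[MASK_LEN + 1], dev[DEV_LEN + 1];
    unsigned hw_type, flags;

    /* Unlike a bare "%s", each width-limited "%Ns" writes at most N+1 bytes. */
    int n = sscanf(line,
                   "%" STR(IP_LEN) "s %x %x %" STR(MAC_LEN) "s "
                   "%" STR(MASK_LEN) "s %" STR(DEV_LEN) "s",
                   ip, &hw_type, &flags, mac, mask, dev);
    if (n != 6)
        return false;
    if (!copy_field(e->ip, IP_LEN, ip) || !copy_field(e->mac, MAC_LEN, mac) ||
        !copy_field(e->mask, MASK_LEN, mask) || !copy_field(e->dev, DEV_LEN, dev))
        return false;
    e->hw_type = hw_type;
    e->flags = flags;
    return true;
}

/* Parse a whole ARP table (header line skipped). Returns the number of
 * accepted entries; *rejected counts lines that were malformed or too long. */
size_t parse_arp_table(const char *text, struct arp_entry *out,
                       size_t max_entries, size_t *rejected)
{
    size_t count = 0;
    bool header = true;
    const char *p = text;
    *rejected = 0;
    while (*p) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        if (header) {
            header = false;
        } else if (len > 0) {
            char line[LINE_MAX_LEN];
            if (len >= LINE_MAX_LEN || count >= max_entries) {
                (*rejected)++;
            } else {
                memcpy(line, p, len);
                line[len] = '\0';
                if (parse_arp_line(line, &out[count]))
                    count++;
                else
                    (*rejected)++;
            }
        }
        if (!nl)
            break;
        p = nl + 1;
    }
    return count;
}

/* Constructed sample table: two well-formed neighbours and one whose
 * device column is far longer than any real interface name. */
const char SAMPLE_ARP[] =
    "IP address       HW type     Flags       HW address            Mask     Device\n"
    "192.168.1.10     0x1         0x2         aa:bb:cc:dd:ee:01     *        br0\n"
    "192.168.1.11     0x1         0x0         00:00:00:00:00:00     *        br0\n"
    "192.168.1.12     0x1         0x2         aa:bb:cc:dd:ee:02     *        "
    "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n";
```

Running parse_arp_table() over SAMPLE_ARP accepts the first two entries and rejects the third, because its 40-character device name exceeds DEV_LEN; with an unbounded "%s" the same line would have written past a 16-byte stack buffer. A router's ARP table is populated by whatever neighbours appear on the LAN, so input to this parser has to be treated as untrusted.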

Exploit

Fix

Stack Overflow

Weakness Enumeration

Related Identifiers

BDU:2025-15917
CVE-2025-60686

Affected Products

Totolink A720R
Totolink Lr1200Gb
Totolink Nr1800X