CVE 8.8 HIGH

CVE-2025-60690_CVE-2025-60690

November 13, 2025 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

A stack-based buffer overflow exists in the get_merge_ipaddr function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The function concatenates up to four user-supplied CGI parameters matching <parameter>_0~3 into a fixed-size buffer (a2) without bounds checking. Remote attackers can exploit this vulnerability via specially crafted HTTP requests to execute arbitrary code or cause denial of service without authentication.

AI Analysis

Stack-based buffer overflow in Linksys E1200 v2 router's httpd binary via specially crafted HTTP requests

Basic Information

ID CVE-2025-60690

Source mitre

Published Nov 13, 2025 at 00:00

Modified Nov 13, 2025 at 17:54

Affected Product

Vendor Linksys

Product Linksys E1200

Version E1200_v2.0.11.001_us

Affected Versions n/a n/a n/a

CWE Classification

CWE-121

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Linksys

Product Linksys E1200

Version E1200_v2.0.11.001_us

References

{
    "lastseen": "",
    "description": "A stack-based buffer overflow exists in the get_merge_ipaddr function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The function concatenates up to four user-supplied CGI parameters matching <parameter>_0~3 into a fixed-size buffer (a2) without bounds checking. Remote attackers can exploit this vulnerability via specially crafted HTTP requests to execute arbitrary code or cause denial of service without authentication.",
    "published": "2025-11-13T00:00:00.000Z",
    "modified": "2025-11-13T17:54:08.432Z",
    "type": "cve",
    "title": "CVE-2025-60690",
    "source": "mitre",
    "references": "http://linksys.com\nhttps://www.linksys.com/\nhttps://github.com/yifan20020708/SGTaint-0-day/blob/main/Linksys/Linksys-E1200/CVE-2025-60690.md",
    "id": "CVE-2025-60690",
    "bulletinFamily": "",
    "cwe": [
        "CWE-121"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Linksys E1200",
    "version": "E1200_v2.0.11.001_us",
    "vendor": "Linksys",
    "ai_description": "Stack-based buffer overflow in Linksys E1200 v2 router's httpd binary via specially crafted HTTP requests",
    "ai_severity": "High",
    "ai_vendor": "Linksys",
    "ai_product": "Linksys E1200",
    "ai_version": "E1200_v2.0.11.001_us",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply