CVE-2025-60334
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-22

Last updated on: 2025-10-24

Assigner: MITRE

Description
TOTOLINK N600R v4.3.0cu.7866_B20220506 was discovered to contain a stack overflow in the ssid parameter in the setWiFiBasicConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-22
Last Modified
2025-10-24
Generated
2026-06-16
AI Q&A
2025-10-22
EPSS Evaluated
2026-06-15
NVD
CVE-2025-60334
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
totolink n600r_firmware 4.3.0cu.7866_b20220506
totolink n600r *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a stack overflow in the ssid parameter within the setWiFiBasicConfig function of TOTOLINK N600R firmware version 4.3.0cu.7866_B20220506. An attacker can exploit this by sending a specially crafted input to the ssid parameter, causing the device to crash or become unresponsive. [1, 2]

Impact Analysis

The vulnerability can cause a Denial of Service (DoS) on the affected device, meaning the device may crash or stop functioning properly, potentially disrupting network connectivity and services relying on the router.

Detection Guidance

Detection of this vulnerability involves testing the ssid parameter in the setWiFiBasicConfig function for stack overflow conditions. Specific commands or detection scripts are not provided in the resources, but reviewing or using the proof-of-concept code available in the linked GitHub repositories may help in crafting detection methods. [1, 2]

Mitigation Strategies

Immediate mitigation steps are not explicitly detailed in the provided resources. Generally, to mitigate a stack overflow vulnerability in the ssid parameter, avoid using vulnerable firmware versions (such as TOTOLINK N600R v4.3.0cu.7866_B20220506) and apply any available patches or updates from the vendor. If no patch is available, restricting access to the device's configuration interface and monitoring for unusual input patterns may help reduce risk.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-60334. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart