CVE-2025-60334
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2025-60334, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-22

Last updated on: 2025-10-24

Assigner: MITRE

Description

TOTOLINK N600R v4.3.0cu.7866_B20220506 was discovered to contain a stack overflow in the ssid parameter in the setWiFiBasicConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-22
Last Modified
2025-10-24
Generated
2026-07-06
AI Q&A
2025-10-22
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
totolink n600r_firmware 4.3.0cu.7866_b20220506
totolink n600r *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a stack overflow in the ssid parameter within the setWiFiBasicConfig function of TOTOLINK N600R firmware version 4.3.0cu.7866_B20220506. An attacker can exploit this by sending a specially crafted input to the ssid parameter, causing the device to crash or become unresponsive. [1, 2]

Impact Analysis

The vulnerability can cause a Denial of Service (DoS) on the affected device, meaning the device may crash or stop functioning properly, potentially disrupting network connectivity and services relying on the router.

Detection Guidance

Detection of this vulnerability involves testing the ssid parameter in the setWiFiBasicConfig function for stack overflow conditions. Specific commands or detection scripts are not provided in the resources, but reviewing or using the proof-of-concept code available in the linked GitHub repositories may help in crafting detection methods. [1, 2]

Mitigation Strategies

Immediate mitigation steps are not explicitly detailed in the provided resources. Generally, to mitigate a stack overflow vulnerability in the ssid parameter, avoid using vulnerable firmware versions (such as TOTOLINK N600R v4.3.0cu.7866_B20220506) and apply any available patches or updates from the vendor. If no patch is available, restricting access to the device's configuration interface and monitoring for unusual input patterns may help reduce risk.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-60334. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart