CVE-2025-60693
BaseFortify
Publication date: 2025-11-13
Last updated on: 2025-11-17
Assigner: MITRE
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linksys | e1200_firmware | 2.0.11.001 |
| linksys | e1200 | 2 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a stack-based buffer overflow in the get_merge_mac function of the httpd binary on Linksys E1200 v2 routers. The function concatenates up to six user-supplied CGI parameters into a fixed-size buffer without proper bounds checking, so a remote attacker can send specially crafted HTTP requests to execute arbitrary code or cause a denial of service without authentication.
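The missing bounds check described above, shown as an added C example that is not the router's firmware code or anything published by the vendor. The function names, the 18-byte buffer, the two-hex-digit field format and the sample input are assumptions made for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAC_FIELDS 6
#define MAC_BUF_LEN 18 /* "AA:BB:CC:DD:EE:FF" + NUL; size is an assumption */

/* Unchecked pattern (illustrative only): each field is appended whatever
 * its length, so an oversized field writes past the end of out. */
void merge_mac_unchecked(char *out, const char *fields[MAC_FIELDS])
{
    out[0] = '\0';
    for (int i = 0; i < MAC_FIELDS; i++) {
        strcat(out, fields[i]);
        if (i < MAC_FIELDS - 1)
            strcat(out, ":");
    }
}

/* Checked pattern: the output size is verified once up front, and every
 * field must be exactly two hex digits, so exactly MAC_BUF_LEN bytes are
 * written. Returns 0 on success, -1 if any input is rejected. */
int merge_mac_checked(char *out, size_t out_len, const char *fields[MAC_FIELDS])
{
    size_t pos = 0;
    if (out == NULL || fields == NULL || out_len < MAC_BUF_LEN)
        return -1;
    for (int i = 0; i < MAC_FIELDS; i++) {
        const char *f = fields[i];
        if (f == NULL || !isxdigit((unsigned char)f[0]) ||
            !isxdigit((unsigned char)f[1]) || f[2] != '\0') {
            out[0] = '\0'; /* never hand back a partial result */
            return -1;
        }
        out[pos++] = f[0];
        out[pos++] = f[1];
        out[pos++] = (i < MAC_FIELDS - 1) ? ':' : '\0';
    }
    return 0;
}

int main(void)
{
    const char *ok[MAC_FIELDS] = {"00", "1A", "2b", "3C", "4d", "5E"}; /* constructed */
    char buf[MAC_BUF_LEN];
    if (merge_mac_checked(buf, sizeof buf, ok) == 0)
        puts(buf);
    return 0;
}
```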
How can this vulnerability impact me?
An attacker can exploit this vulnerability remotely without authentication to execute arbitrary code on the affected router or cause a denial of service, potentially disrupting network availability or compromising the device.