CVE-2025-60694

CWE-121Stack-based Buffer Overflow4 documents4 sources
Severity
7.5HIGH
EPSS
2.2%
top 15.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Linksys E1200 Firmware
Timeline
PublishedNov 13

Description

A stack-based buffer overflow exists in the validate_static_route function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The function improperly concatenates user-supplied CGI parameters (route_ipaddr_0~3, route_netmask_0~3, route_gateway_0~3) into fixed-size buffers (v6, v10, v14) without proper bounds checking. Remote attackers can exploit this vulnerability via specially crafted HTTP requests to execute arbitrary code or cause denial of service withou

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

NVDlinksys/e1200_firmware2.0.11.001

🔴Vulnerability Details

2
GHSA
GHSA-6mcp-q5xf-jrp5: A stack-based buffer overflow exists in the validate_static_route function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v22025-11-13
CVEList
CVE-2025-60694: A stack-based buffer overflow exists in the validate_static_route function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v22025-11-13

🔍Detection Rules

1
Suricata
ET WEB_SPECIFIC_APPS Linksys validate_static_route Multiple Parameters Buffer Overflow Attempt (CVE-2025-60694)2025-11-13
CVE-2025-60694 (HIGH CVSS 7.5) | A stack-based buffer overflow exist | cvebase.io