CVE-2025-68717
published 2026-01-08


Priority: P268, critical
CVSS 3.1 base score: 9.4
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
EPSS: 0.52% (40.1th percentile)
KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 allow authentication bypass during session validation. If any user is logged in, endpoints such as /cgi-bin/system-tool accept unauthenticated requests with empty or invalid session values. This design flaw lets attackers piggyback on another user's active session to retrieve sensitive configuration data or execute privileged actions without authentication.
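The flaw class described above is a session check that answers "is anyone logged in?" instead of "does this request carry a valid session token?". The following is an added illustration written for this page, not code from the KS-WR3600 firmware or from the advisory: it puts the vulnerable check beside the hardened one, and adds the log check a defender would run. The SessionStore class, the handle function, the `session=` access-log format and the SAMPLE_LOG lines are all constructed here; only the /cgi-bin/system-tool path comes from the advisory text.

```python
import hmac
import secrets

# Privileged endpoint named in the advisory; the rest of this file is constructed.
PRIVILEGED_ENDPOINTS = {"/cgi-bin/system-tool"}


class SessionStore:
    """Minimal in-memory session table (hypothetical): token -> username."""

    def __init__(self):
        self._sessions = {}

    def login(self, username):
        token = secrets.token_hex(16)
        self._sessions[token] = username
        return token

    def any_active(self):
        # "Is anyone logged in?" This is the question the flawed check asks.
        return bool(self._sessions)

    def owner_of(self, presented):
        """Return the user owning the presented token, or None if it is empty/unknown."""
        if not presented:
            return None
        for token, user in self._sessions.items():
            # Constant-time comparison so token lookup does not leak timing.
            if hmac.compare_digest(token.encode(), presented.encode()):
                return user
        return None


def vulnerable_authorize(store, presented_token):
    # Flaw pattern: the presented token is never consulted. An empty or garbage
    # session value is accepted as long as some other user has an open session.
    return store.any_active()


def hardened_authorize(store, presented_token):
    # Fix pattern: the request is authorized only if ITS OWN token maps to a session.
    return store.owner_of(presented_token) is not None


def handle(store, path, session_token, authorize):
    """Dispatch a request; returns (status, body). Privileged paths need authorization."""
    if path in PRIVILEGED_ENDPOINTS and not authorize(store, session_token):
        return 401, "unauthorized"
    return 200, "config-dump"


# Constructed access-log lines in the form: METHOD PATH session=<value> STATUS
SAMPLE_LOG = [
    "GET /cgi-bin/system-tool session=4f1a9c0e2b7d5a3c 200",  # token present
    "GET /cgi-bin/system-tool session= 200",                  # empty token, yet 200
    "GET /index.html session= 200",                           # public page, fine
    "GET /cgi-bin/system-tool session= 401",                  # empty token rejected
]


def find_suspicious(log_lines):
    """Flag privileged-endpoint hits that succeeded with an EMPTY session value.

    This is the part of the advisory's condition visible from logs alone; telling a
    forged-but-non-empty token from a real one needs the device's session table.
    """
    flagged = []
    for line in log_lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines rather than crash on them
        path, session, status = parts[1], parts[2].partition("=")[2], int(parts[3])
        if path in PRIVILEGED_ENDPOINTS and session == "" and status == 200:
            flagged.append(line)
    return flagged


if __name__ == "__main__":
    store = SessionStore()
    store.login("admin")  # some other user is logged in
    print("vulnerable:", handle(store, "/cgi-bin/system-tool", "", vulnerable_authorize))
    print("hardened:  ", handle(store, "/cgi-bin/system-tool", "", hardened_authorize))
    print("flagged log lines:", find_suspicious(SAMPLE_LOG))
```

The two authorize functions differ in a single line, which is the point: a global "logged-in" flag is not an authentication decision, because it is never bound to the request being served. The detector only keys on empty session values; if the device's own session table can be exported, the same loop can also flag non-empty values that do not appear in it.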

Affected (1 range)

Vendor: kaysus
Product: ks-wr3600_firmware
Version range: (not recorded)
Fixed in: (not recorded)