Description
A stack buffer overflow vulnerability exists in the setDefResponse function of the cstecgi.cgi binary in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) router firmware. The binary reads the "IpAddress" parameter from a web request and copies it into a fixed-size stack buffer using strcpy() without any length validation. Maliciously crafted input can overflow the buffer, potentially leading to arbitrary code execution or memory corruption. No authentication is required.
References (3)
Core References
http://totolink.com (Broken Link)
https://github.com/yifan20020708/SGTaint-0-day/blob/main/ToToLink/ToToLink-LR1200GB/CVE-2025-60688.md (Exploit, Third Party Advisory)
https://www.totolink.net/ (Product)
Scores
CVSS v3: 6.5
EPSS: 0.0029
EPSS Percentile: 52.3%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total
Details
CWE: CWE-121
Status: published
Products (2)
totolink/lr1200gb_firmware: 9.1.0u.6619_b20230130
totolink/nr1800x_firmware: 9.1.0u.6681_b20230703
Published: Nov 13, 2025
Tracked Since: Feb 18, 2026