CNNVD-202511-1602 Information

Nov 13, 2025 cve

CNNVD ID

CNNVD-202511-1602

CVE-2025-60686

CNNVD Published: 2025-11-13

Description (Chinese)

TOTOLINK A720R等都是中国吉翁电子（TOTOLINK）公司的产品。TOTOLINK A720R是一款无线路由器。TOTOLINK NR1800X是一款出色的 5G NR 室内Wi-Fi和SIP CPE。TOTOLINK LR1200GB是一款无线双频 4G LTE 路由器。 ToToLink多款产品存在安全漏洞，该漏洞源于infostat.cgi和cstecgi.cgi二进制文件中存在栈缓冲区溢出，可能导致拒绝服务或执行任意代码。以下产品及版本受到影响：ToToLink A720R V4.1.5cu.614_B20230130版本、LR1200GB V9.1.0u.6619_B20230130版本和NR1800X V9.1.0u.6681_B20230703版本。

Description (English)

TOTOLINK A720R and others are products of the Chinese company TOTOLINK. TOTOLINK A720R is a wireless router. TOTOLINK NR1800X is an excellent 5G NR indoor Wi-Fi and SIP CPE. TOTOLINK LR1200GB is a wireless double-frequency 4G LTE router. There is a safety loophole in TotoLink ’ s multiple products, which stems from the spilling out of the barrage in the infostat.cgi and cstecgi.cgi binary documents, which may lead to the denial of services or the enforcement of arbitrary codes. The following products and versions were affected: TotoLink A720R V4.1.5cu.614 B2023130, LR1200GB V9.1.0u.6619 B2023130 and NR1800X V9.1.0u.6681 B2023703.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

吉翁电子

Published

2025-11-13

Last Modified

2026-02-24

References

http://totolink.com https://github.com/yifan20020708/SGTaint-0-day/blob/main/ToToLink/ToToLink-A720R/CVE-2025-60686.md https://www.totolink.net/ https://access.redhat.com/security/cve/cve-2025-60686

Share on: