CNNVD-202511-1603 Information

Nov 13, 2025 cve

CNNVD ID

CNNVD-202511-1603

CVE-2025-60684

CNNVD Published: 2025-11-13

Description (Chinese)

TOTOLINK LR1200GB是中国吉翁电子（TOTOLINK）公司的一款无线双频 4G LTE 路由器。 ToToLink LR1200GB V9.1.0u.6619_B20230130版本和NR1800X V9.1.0u.6681_B20230703版本存在安全漏洞，该漏洞源于cstecgi.cgi二进制文件中lang参数处理不当，可能导致栈缓冲区溢出。

Description (English)

TOTOLINK LR1200GB is a wireless double-frequency 4G LTE router of the Chinese company TOTOLINK. TotoLink LR1200GB V9.1.0u.6619 B2023130 and NR1800X V9.1.0u.6681 B202330703 have a security loophole, which stems from the inappropriate handling of the lang parameters in the cstecgi.cgi binary document, which may result in spilling over the fence.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

吉翁电子

Published

2025-11-13

Last Modified

2026-02-24

References

http://totolink.com https://github.com/yifan20020708/SGTaint-0-day/blob/main/ToToLink/ToToLink-LR1200GB/CVE-2025-60684.md https://www.totolink.net/ https://access.redhat.com/security/cve/cve-2025-60684

Share on: