
CVE-2025-60674

Severity: Medium · Public PoC available

Published: 13 November 2025
Modified: 17 November 2025
CVSS v3.1 score: 6.8 (CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS score: 0.0011 (29.3rd percentile)
Risk Priority: 14 (weighting: 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-60674 is a medium-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Dlink Dir-878 Firmware. Its CVSS base score is 6.8 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). EPSS ranks it at the 29.3rd percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Vulnerability details

A stack buffer overflow vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin in the rc binary's USB storage handling module. The vulnerability occurs when the "Serial Number" field from a USB device is read via sscanf into a 64-byte stack buffer, while fgets reads up to 127 bytes, causing a stack overflow. An attacker with physical access or control over a USB device can exploit this vulnerability to potentially execute arbitrary code on the device.

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.

Why these techniques?

The stack buffer overflow in the router firmware's USB storage handling module enables arbitrary code execution via a crafted USB device serial number, facilitating exploitation for privilege escalation.

Affected Assets

Vendor: dlink
Product: dir-878 firmware
Version: 1.01b04

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.