CVE-2025-60683
Published: 13 November 2025
Summary
CVE-2025-60683 is a medium-severity Command Injection (CWE-77) vulnerability in Totolink A720R Firmware. Its CVSS base score is 6.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Unix Shell (T1059.004); ranked in the top 10.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-175310
Vulnerability details
A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu.614_B20230630 within the sysconf binary, specifically in the sub_40BFA4 function that handles network interface reinitialization from '/var/system/linux_vlan_reinit'. Input is only partially validated by checking the prefix of interface names,…
more
and is concatenated into shell commands executed via system() without escaping. An attacker with write access to this file can execute arbitrary commands on the device.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Command injection vulnerability in sysconf binary allows arbitrary Unix shell command execution via unescaped input from '/var/system/linux_vlan_reinit' file.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.