CVE-2025-60692
Published: 13 November 2025
Summary
CVE-2025-60692 is a high-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Linksys E1200 Firmware. Its CVSS base score is 8.4 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 6.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-175333
Vulnerability details
A stack-based buffer overflow vulnerability exists in the libshared.so library of Cisco Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The functions get_mac_from_ip and get_ip_from_mac use sscanf with overly permissive "%100s" format specifiers to parse entries from /proc/net/arp into fixed-size buffers (v6:…
more
50 bytes, v7 sub-arrays: 50 bytes). This allows local attackers controlling the contents of /proc/net/arp to overflow stack buffers, leading to memory corruption, denial of service, or potential arbitrary code execution.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The stack-based buffer overflow allows local attackers to cause memory corruption leading to DoS (T1499.004 via application exploitation) or potential arbitrary code execution (T1068 exploitation for privilege escalation).
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.