Stack Overflow Vulnerability in TOTOLINK N600R WiFi Configurations
CVE-2025-60333

7.5HIGH

Key Information:

Vendor: TOTOLINK
Status: N600R
Vendor: CVE Published:; 22 October 2025

What is CVE-2025-60333?

A stack overflow vulnerability exists in the TOTOLINK N600R's setWiFiMultipleConfig function due to improper handling of the wepkey2 parameter. This exploit allows malicious actors to craft inputs that can overload the system, resulting in a Denial of Service (DoS). Users should take precautionary measures to secure their devices against this exploit to maintain uninterrupted service.

References

https://github.com/z472421519/BinaryAudit/blob/main/PoC/B...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 22, 2025
Vulnerability Reserved
Sep 26, 2025

JSON