Stack-based Buffer Overflow in Cisco Linksys E1200 Router Firmware

CVE-2025-60692

What is CVE-2025-60692?

CVE-2025-60692 is a critical vulnerability found in the firmware of Cisco Linksys E1200 v2 routers. The vulnerability resides in the libshared.so library and is attributable to the improper handling of input in the functions used to parse ARP entries from the /proc/net/arp file. Specifically, the use of overly permissive format specifiers in the sscanf function allows local attackers to manipulate the buffer sizes, leading to a stack-based buffer overflow. This type of exploitation can result in memory corruption, which may allow the attacker to execute arbitrary code or trigger a denial of service. Given that the Linksys E1200 router is commonly utilized for home and small office network setups, the vulnerability presents a substantial risk to consumers and small enterprises relying on these devices for secure internet access.

Potential impact of CVE-2025-60692

1. Memory Corruption: The buffer overflow can lead to memory corruption which may allow an attacker to execute arbitrary code on the device. This exploitation might enable unauthorized control over the router, potentially allowing for further network intrusions or compromise of connected devices.

2. Denial of Service: Exploiting this vulnerability can result in a denial of service condition, where authorized users may be unable to access the router or the network it serves. This can disrupt essential services, especially for small businesses or home offices heavily reliant on stable internet access.

3. Increased Attack Surface: With the ability to exploit CVE-2025-60692, attackers can gain a foothold within the network setup. This can lead to further vulnerabilities and exploits within the network, ultimately increasing the overall risk of data breaches, the spread of malware, and a compromised network environment.

References