Stack-based Buffer Overflow in Linksys RE7000 Router
CVE-2025-60696

8.4HIGH

Key Information:

Vendor: Linksys
Status: RE7000 Router
Vendor: CVE Published:; 13 November 2025

What is CVE-2025-60696?

A stack-based buffer overflow exists in the makeRequest.cgi binary of Linksys RE7000 routers, specifically within the arplookup function. This function improperly handles input when parsing the ARP table from /proc/net/arp, allowing up to 16 and 18 bytes to be stored into buffers that only allocate 12 and 20 bytes respectively. An attacker with local access can exploit this flaw by manipulating the contents of /proc/net/arp, leading to potential denial of service or the execution of arbitrary code on the affected routers.

References

http://linksys.com

https://www.linksys.com/

https://github.com/yifan20020708/SGTaint-0-day/blob/main/...

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 13, 2025
Vulnerability Reserved
Sep 26, 2025

JSON