CVE-2025-12260
Published: 27 October 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-12260 is a stack-based buffer overflow vulnerability affecting the TOTOLINK A3300R router on firmware version 17.0.0cu.557_B20221024. The flaw resides in the setSyslogCfg function within the /cgi-bin/cstecgi.cgi file, part of the POST Parameter Handler component. It is triggered by manipulation of the "enable" argument and has a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), mapped to CWE-119 and CWE-121. The vulnerability was published on 2025-10-27.
An attacker with low privileges can exploit this remotely over the network by sending a crafted request to the vulnerable endpoint. No user interaction is required, and the low complexity enables reliable exploitation. Successful attacks can result in high-impact compromise of confidentiality, integrity, and availability, likely enabling remote code execution via the stack-based buffer overflow.
An exploit has been publicly disclosed on GitHub, increasing the risk of active use. Security advisories on VulDB provide further details, and practitioners should check the vendor site at www.totolink.net for patches or mitigation recommendations.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Stack-based buffer overflow in the web CGI endpoint (/cgi-bin/cstecgi.cgi) enables remote code execution via exploitation of a public-facing application on the router.