CVE Alert: CVE-2025-60337
CVE-2025-60337
Tenda AC6 V2.0 15.03.06.50 was discovered to contain a buffer overflow in the speed_dir parameter in the SetSpeedWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.
AI Summary Analysis
Risk verdict
Exploitation likelihood is unclear because KEV, SSVC and EPSS data are missing, but a publicly documented PoC for a buffer overflow that causes a DoS suggests non-trivial risk wherever the device is reachable through its WAN management interface.
Why this matters
A DoS on a consumer/SMB router can disrupt internet connectivity, impact remote work, and force reboot cycles or service interruptions across linked devices. If the vulnerable component is exposed publicly, attackers could disrupt essential services without needing access to internal networks, driving user disruption and potential business downtime.
Most likely attack path
If the vulnerable input is reachable through the device’s network-facing management UI, a remote attacker could trigger the overflow by sending crafted data over the WAN interface. Exploitation would primarily target availability rather than data theft, with success dependent on exposure of the management interface and absence of mitigations in firmware or network controls.
Who is most exposed
Users relying on consumer-grade routers with public or poorly protected remote administration are most at risk. Small offices or households with internet-exposed devices and default or weak security configurations are common deployment patterns.
Detection ideas
- Sudden device reboots or watchdog resets reported in logs
- Unusual spikes in CPU/memory or crash dumps in firmware logs
- Recurrent failed or crafted input attempts in management interface logs
- Network-wide disruption events correlating with specific traffic patterns
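One way to turn the log-based indicators above into a concrete check, as an added example that is not taken from the advisory or from Tenda: a small Python scanner over constructed access-log lines as a proxy or IDS in front of the router's management interface might record them. It assumes the handler is reached at a /goform/SetSpeedWan path with speed_dir in the query string, and that values longer than 16 characters or containing non-printable bytes are suspicious; both are assumptions, not facts stated on this page.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines (Common Log Format), as a proxy or IDS in front of the
# router's management interface might record them. Not real Tenda logs; the
# /goform/SetSpeedWan path is an assumption about how the handler is reached.
SAMPLE_LOG = "\n".join([
    '192.0.2.10 - - [12/Oct/2025:10:01:02 +0000] "POST /goform/SetSpeedWan?speed_dir=up&speed=1000 HTTP/1.1" 200 12',
    '198.51.100.7 - - [12/Oct/2025:10:01:05 +0000] "POST /goform/SetSpeedWan?speed_dir=' + "A" * 64 + ' HTTP/1.1" 500 0',
    '198.51.100.7 - - [12/Oct/2025:10:01:06 +0000] "POST /goform/SetSpeedWan?speed_dir=%00%01%02 HTTP/1.1" 500 0',
    '192.0.2.10 - - [12/Oct/2025:10:01:09 +0000] "GET /goform/GetWanStatus HTTP/1.1" 200 512',
    '203.0.113.5 - - [12/Oct/2025:10:02:30 +0000] "POST /goform/SetSpeedWan?speed_dir=down HTTP/1.1" 200 12',
])

LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
MAX_SPEED_DIR_LEN = 16  # assumption: legitimate values are short tokens such as "up"/"down"

def scan(log_text, max_len=MAX_SPEED_DIR_LEN):
    """Flag SetSpeedWan requests whose speed_dir value looks like overflow bait. Returns
    (findings, hits_per_source); each finding keeps the HTTP status so 5xx replies can be
    correlated with the reboot/watchdog signs listed above."""
    findings, hits = [], Counter()
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed line: skip rather than crash the scanner
        url = urlsplit(m["target"])
        if not url.path.endswith("/SetSpeedWan"):
            continue
        for value in parse_qs(url.query, keep_blank_values=True).get("speed_dir", []):
            reasons = []
            if len(value) > max_len:
                reasons.append(f"length {len(value)} > {max_len}")
            if not value.isprintable():  # parse_qs already %-decoded the value
                reasons.append("non-printable bytes")
            if reasons:
                findings.append({"src": m["src"], "ts": m["ts"], "status": int(m["status"]),
                                 "value_len": len(value), "reasons": reasons})
                hits[m["src"]] += 1
    return findings, hits

def repeat_offenders(hits, min_hits=2):
    """Sources with repeated flagged attempts (the 'recurrent attempts' indicator)."""
    return sorted(src for src, n in hits.items() if n >= min_hits)

if __name__ == "__main__":
    found, per_src = scan(SAMPLE_LOG)
    print(found, "repeat offenders:", repeat_offenders(per_src))
```

Tune MAX_SPEED_DIR_LEN from a baseline of legitimate traffic before alerting on it, and treat a flagged request followed by a 5xx or an empty reply and a device reboot as the strongest signal.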
Mitigation and prioritisation
- Apply vendor firmware updates addressing the vulnerability; treat as priority 1 if KEV or EPSS indicates active exploitation.
- Disable remote/WAN management unless strictly necessary; restrict management access by source IP and enable MFA where available.
- Implement network segmentation and firewall rules to limit access to the device’s management interface.
- Monitor for DoS indicators and prepare rapid recovery procedures (reboot/restore points).
- Plan and test patch deployment in a controlled environment before broad rollout; coordinate change management accordingly. If KEV is true or EPSS ≥ 0.5, escalate urgency.