CVE-2025-68717

critical

Description

KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 allow authentication bypass during session validation. If any user is logged in, endpoints such as /cgi-bin/system-tool accept unauthenticated requests with empty or invalid session values. This design flaw lets attackers piggyback on another user's active session to retrieve sensitive configuration data or execute privileged actions without authentication.
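As an added illustration of the flaw class the description names, and not code from the KS-WR3600 firmware or from the referenced advisory: a hypothetical session check that only asks whether anyone is logged in, beside one that validates the session value actually presented with the request (token and user names are constructed).

```python
from dataclasses import dataclass, field
from typing import Dict, Optional


@dataclass
class SessionStore:
    """Hypothetical server-side session table: token -> username."""
    active: Dict[str, str] = field(default_factory=dict)

    def login(self, user: str, token: str) -> None:
        self.active[token] = user


def validate_flawed(store: SessionStore, presented: Optional[str]) -> Optional[str]:
    """The pattern the advisory describes: access is granted whenever *any*
    session exists, so an empty or invalid token rides on someone else's login."""
    if store.active:
        return next(iter(store.active.values()))  # ignores `presented` entirely
    return None


def validate_fixed(store: SessionStore, presented: Optional[str]) -> Optional[str]:
    """Correct check: the request is authenticated only if the token it
    presents maps to a live session; empty and unknown tokens are rejected."""
    if not presented:
        return None
    return store.active.get(presented)


def demo() -> Dict[str, Optional[str]]:
    """Run both validators against an empty, a bogus, and a valid token while
    a constructed 'admin' session is active."""
    store = SessionStore()
    store.login("admin", "constructed-token-1234")
    return {
        "flawed_empty": validate_flawed(store, ""),
        "flawed_bogus": validate_flawed(store, "not-a-real-session"),
        "fixed_empty": validate_fixed(store, ""),
        "fixed_bogus": validate_fixed(store, "not-a-real-session"),
        "fixed_valid": validate_fixed(store, "constructed-token-1234"),
    }
```

The flawed variant returns the logged-in user for both the empty and the bogus token; the fixed variant returns a user only for the genuine one.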

References

https://www.kaysus.com/ks_wr3600__wifi_7_be3600_wireless_router.html

https://github.com/actuator/cve/tree/main/KAYSUS

https://github.com/actuator/cve/blob/main/KAYSUS/CVE-2025-68717.txt

Details

Source: Mitre, NVD

Published: 2026-01-08

Updated: 2026-02-02

Risk Information

CVSS v2

Base Score: 9.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:P

Severity: High

CVSS v3

Base Score: 9.4

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Severity: Critical

EPSS

EPSS: 0.00096