CVE-2025-68719 · HIGH 8.8 · EPSS p31.8%

Description

KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 mishandle configuration management. Once any user is logged in and maintains an active session, an attacker can directly query the backup endpoint and download a full configuration archive. This archive contains sensitive files such as /etc/shadow, enabling credential recovery and potential full compromise of the device.

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.40% probability of exploitation · percentile 31.8% · 2026-06-18T12:00:27Z
Published: 2026-01-08
Last modified: 2026-02-02

Underlying weaknesses · 2

CWE-200, CWE-552

References

  1. https://github.com/actuator/cve/blob/main/KAYSUS/CVE-2025-68719.txt
  2. https://github.com/actuator/cve/tree/main/KAYSUS
  3. https://www.kaysus.com/ks_wr3600__wifi_7_be3600_wireless_router.html

| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | Exposure of Sensitive Information to an Unauthorized Actor (cwe-200) | 0% | live |
| Weakness | Files or Directories Accessible to External Parties (cwe-552) | 0% | live |

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2025-68717
  2. CVE-2025-68716
  3. CVE-2025-6560
  4. CVE-2025-51381
  5. CVE-2025-68707
  6. CVE-2025-62777

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.