CVE-2025-68719 - KAYSUS KS-WR3600 Router Configuration Backup Disclosure Vulnerability

CVE ID : CVE-2025-68719 Published : Jan. 8, 2026, 9:15 p.m. | 1 hour, 42 minutes ago Description : KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 mishandle configuration management. Once any user is logged in and maintains an active session, an attacker can directly query the backup endpoint and download a full configuration archive. This archive contains sensitive files such as /etc/shadow, enabling credential recovery and potential full compromise of the device. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Source: Telegram CVE Monitor