CVE-2025-44655 Information
Jul 22, 2025
cve
Description
In TOTOLink A7100RU V7.4 A950RG V5.9 and T10 V5.9 the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorized access to system files privilege escalation or use of the compromised server as a pivot point for internal network attacks.
Reference
http://totolink.com https://gist.github.com/TPCchecker/d7306649f51ca25e22dd6532546a58f3
Related CNNVD
CNNVD-202507-2664 (Published: 2025-07-21)
Share on: