CVE Catalog

CVE-2026-11554

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Summary

A vulnerability was identified in TOTOLINK CP450 version 4.1.0cu.747, concerning the file /etc/vsftpd.conf of the vsftpd component. Manipulation of this file leads to least privilege violation.

Risk Assessment

An attacker may remotely exploit this vulnerability, posing a serious security threat to the system.

Recommendation

It is recommended to update the software to the latest version and secure the configuration file against unauthorized access.

Original NVD description (English source)

A vulnerability was determined in TOTOLINK CP450 4.1.0cu.747. This vulnerability affects unknown code of the file /etc/vsftpd.conf of the component vsftpd. This manipulation causes least privilege violation. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS