CVE Catalog

CVE-2026-11620

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.10%

26th percentile - higher than 26% of all known CVEs

Summary

A security flaw has been discovered in TOTOLINK EX200 version 4.0.3c.7646 in the file /etc/vsftpd.conf of the vsftpd component. Manipulation of this file results in least privilege violation.

Risk Assessment

This vulnerability can be exploited for remote attacks, posing a serious threat to the organization's security.

Recommendation

It is recommended to update the software to the latest version and monitor the system for unauthorized changes to the configuration file.

Original NVD description (English source)

A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS