CVE-2025-44655 - CERT CVE
ID CVE-2025-44655
Sažetak In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.
Reference
CVSS
Base: 9.8
Impact: 5.9
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje 22-07-2025 - 19:15
Objavljeno 21-07-2025 - 16:15