CVE-2025-44657

Sažetak

In Linksys EA6350 V2.1.2, the chroot_local_user option is enabled in the dynamically generated vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.

Reference

http://ea6350.com
https://gist.github.com/TPCchecker/7839fbd329ebd2f9f6b105c4926d4b0c

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

21-07-2025 - 16:15

Objavljeno

21-07-2025 - 16:15