TOTOLINK EX200 vsftpd Configuration Least Privilege Violation Vulnerability

Vulnerability

A vulnerability has been identified in the TOTOLINK EX200 router, specifically in version 4.0.3c.7646. The issue arises from an unknown function in the vsftpd configuration file, /etc/vsftpd.conf, which leads to a least privilege violation. This vulnerability can be exploited remotely, and the exploit has been made public.

Impact

Exploitation of this vulnerability could lead to unauthorized access or privileges, allowing an attacker to perform actions or access resources that should be restricted.

Added: Jun 9, 2026, 3:23 AM

Updated: Jun 9, 2026, 3:23 AM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

8.4

remediation

0.0

relevance

9.6

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

8.4

remediation

0.0

relevance

9.6

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TOTOLINK EX200 vsftpd Configuration Least Privilege Violation Vulnerability

Vulnerability

Impact

Affected Products

TOTOLINK EX200

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating