CVE-2025-44655

Published: Jul 21, 2025

Modified: Jul 22, 2025

PUBLISHED

Description

In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://totolink.com

https://gist.github.com/TPCchecker/d7306649f51ca25e22dd6532546a58f3

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-44655

Description

Affected Products

References