TOTOLINK AC1200 T8 vsftpd vsftpd.conf least privilege violation_CVE-2026-11494

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

Basic Information

ID CVE-2026-11494

Source VulDB

Published Jun 8, 2026 at 06:00

Affected Product

Vendor TOTOLINK

Product AC1200 T8

Version 4.1.5cu.8611

Affected Versions TOTOLINK AC1200 T8 4.1.5cu.8611

CWE Classification

CWE-272 CWE-266

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.",
    "published": "2026-06-08T06:00:12.914Z",
    "modified": "2026-06-08T06:00:12.914Z",
    "type": "cve",
    "title": "TOTOLINK AC1200 T8 vsftpd vsftpd.conf least privilege violation",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/369114\nhttps://vuldb.com/vuln/369114/cti\nhttps://vuldb.com/cve/CVE-2026-11494\nhttps://vuldb.com/submit/834819\nhttps://www.notion.so/TOTOLink-AC1200T8-V4-1-5cu-8611-3671f5ba989080a6aa03e6adbdd1d104?source=copy_link\nhttps://www.totolink.net/",
    "id": "CVE-2026-11494",
    "bulletinFamily": "",
    "cwe": [
        "CWE-272",
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "TOTOLINK AC1200 T8 4.1.5cu.8611",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "AC1200 T8",
    "version": "4.1.5cu.8611",
    "vendor": "TOTOLINK",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}