Skip to main content
CVE-2025-44654 CRITICAL Act Now

Improper access control in the Linksys E2500 wireless router (firmware 3.0.04.002) stems from its bundled vsftpd FTP service, where the reporter flags the chroot_local_user setting as enabling unauthorized reach into system files, privilege escalation, or lateral pivoting into the internal network. The E2500 is a discontinued consumer/SOHO router, and no public exploit identified at time of analysis; EPSS estimates only a 1.08% exploitation probability (61st percentile). Notably, the single reference is a third-party GitHub gist rather than a vendor advisory, and the technical claim is internally inconsistent (see risk assessment).

Authentication Bypass Privilege Escalation Linksys E2500 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2025-44655 CRITICAL Act Now

Privilege escalation and unauthorized file access affects TOTOLINK A7100RU (V7.4), A950RG (V5.9), and T10 (V5.9) routers because their bundled vsftpd FTP server ships with the chroot_local_user option enabled in vsftpd.conf, an insecure default that can let a local FTP user reach system files and escalate on the device. On these consumer routers the FTP daemon runs with high privilege and weak isolation, so a foothold on the FTP service can be used to read sensitive files, gain elevated access, and pivot into the internal network. There is no CISA KEV listing and no public exploit identified at time of analysis; the only reference is a researcher gist, and EPSS is low at 0.34% (26th percentile).

Privilege Escalation Authentication Bypass A7100Ru Firmware A950rg Firmware T10 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy