Improper access control in the Linksys E2500 wireless router (firmware 3.0.04.002) stems from its bundled vsftpd FTP service, where the reporter flags the chroot_local_user setting as enabling unauthorized reach into system files, privilege escalation, or lateral pivoting into the internal network. The E2500 is a discontinued consumer/SOHO router, and no public exploit identified at time of analysis; EPSS estimates only a 1.08% exploitation probability (61st percentile). Notably, the single reference is a third-party GitHub gist rather than a vendor advisory, and the technical claim is internally inconsistent (see risk assessment).
Privilege escalation and unauthorized file access affects TOTOLINK A7100RU (V7.4), A950RG (V5.9), and T10 (V5.9) routers because their bundled vsftpd FTP server ships with the chroot_local_user option enabled in vsftpd.conf, an insecure default that can let a local FTP user reach system files and escalate on the device. On these consumer routers the FTP daemon runs with high privilege and weak isolation, so a foothold on the FTP service can be used to read sensitive files, gain elevated access, and pivot into the internal network. There is no CISA KEV listing and no public exploit identified at time of analysis; the only reference is a researcher gist, and EPSS is low at 0.34% (26th percentile).