
TOTOLINK AC1200 T8 EUVD-2026-35025

CVE-2026-11494 LOW
Least Privilege Violation (CWE-272)
2026-06-08 VulDB GHSA-6c95-fqc7-4p3j
2.1 (CVSS 4.0 · NVD)

Severity by source

NVD (primary): 2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: X

Lifecycle Timeline

Severity Changed (Jun 08, 2026 - 07:22, NVD): MEDIUM to LOW
CVSS changed (Jun 08, 2026 - 07:22, NVD): 4.3 (MEDIUM) to 2.1 (LOW)
Analysis Generated (Jun 08, 2026 - 06:51, vuln.today)

Description (CVE.org)

A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

Analysis (AI)

Least-privilege violation in TOTOLINK AC1200 T8 firmware 4.1.5cu.8611 exposes the vsftpd FTP service to unauthorized integrity manipulation by low-privileged authenticated network users. The /etc/vsftpd.conf configuration grants excessive permissions beyond the principle of least privilege (CWE-272), allowing a low-privilege authenticated attacker to perform write operations they should not be authorized to execute. …


Attack Chain (AI, derived)

Hypothetical attack flow derived from CVE metadata

Access: Obtain low-privilege FTP credentials
Delivery: Connect to vsftpd service over network
Exploit: Authenticate to FTP service
Execution: Exploit overpermissioned vsftpd.conf directives
Impact: Perform unauthorized write operations on accessible paths

Vulnerability Assessment (AI)

Exploitation: The vsftpd FTP service must be enabled and network-accessible on the TOTOLINK AC1200 T8 - this is a non-default-disabled service in many embedded router firmwares but should be verified per deployment. …

Risk Assessment: The CVSS base score of 4.3 (Medium) accurately reflects a constrained risk profile: low integrity impact only, no confidentiality or availability consequence, and a requirement for low-level authentication (PR:L). …

Exploit Scenario: An attacker with low-privilege credentials to the TOTOLINK AC1200 T8 - obtained via default credentials, credential stuffing, or prior access - connects to the vsftpd FTP service exposed over the network. By leveraging the misconfigured permissions in vsftpd.conf, the attacker performs write operations or accesses FTP-accessible paths beyond their authorized scope, potentially modifying files or configurations on the device. …

Remediation: No vendor-released patch has been identified at time of analysis; the CVSS remediation level field (RL:X) is undefined and no fix is referenced in the available advisory data. …
