{"id":79492,"date":"2026-06-09T06:46:26","date_gmt":"2026-06-09T03:16:26","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-11620-totolink-ex200-vsftpd-vsftpd-conf-least-privilege-violation\/"},"modified":"2026-06-09T06:46:26","modified_gmt":"2026-06-09T03:16:26","slug":"cve-2026-11620-totolink-ex200-vsftpd-vsftpd-conf-least-privilege-violation","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-11620-totolink-ex200-vsftpd-vsftpd-conf-least-privilege-violation\/","title":{"rendered":"CVE-2026-11620 &#8211; TOTOLINK EX200 vsftpd vsftpd.conf least privilege violation"},"content":{"rendered":"<p>CVE ID :CVE-2026-11620<\/p>\n<p>  Published : June 9, 2026, 3:16 a.m. | 1\u00a0hour, 18\u00a0minutes ago<\/p>\n<p>  Description :A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file \/etc\/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.<\/p>\n<p>  Severity: 5.5 | MEDIUM<\/p>\n<p>  Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID :CVE-2026-11620 Published : June 9, 2026, 3:16 a.m. | 1\u00a0hour, 18\u00a0minutes ago Description :A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file \/etc\/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remotely. The exploit &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-79492","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/79492","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=79492"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/79492\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=79492"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=79492"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=79492"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}