CVE-2026-11620: Least Privilege Violation in TOTOLINK EX200
CVE-2026-11620 is a medium-severity vulnerability in TOTOLINK EX200 version 4. 0. 3c. 7646 involving a least privilege violation related to the vsftpd component's /etc/vsftpd. conf file. The flaw can be exploited remotely without authentication or user interaction. An exploit has been publicly released, but there are no confirmed reports of exploitation in the wild. No official patch or remediation guidance is currently available from the vendor.
AI Analysis
Technical Summary
This vulnerability affects TOTOLINK EX200 firmware version 4.0.3c.7646 and involves an unknown function within the vsftpd configuration file (/etc/vsftpd.conf) that leads to a least privilege violation. The vulnerability can be triggered remotely without requiring authentication or user interaction, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). The CVSS score of 6.9 reflects a medium severity impact. Although an exploit is publicly available, there is no vendor advisory or patch information provided, and the vulnerability is not related to a cloud service.
Potential Impact
The vulnerability allows an attacker to remotely exploit a least privilege violation in the vsftpd component of TOTOLINK EX200 firmware 4.0.3c.7646. This could potentially allow unauthorized actions beyond intended privilege levels. However, the exact impact details are not specified beyond the least privilege violation. No confirmed exploitation in the wild has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official patch or workaround is provided, users should monitor TOTOLINK communications for updates. Until a fix is available, consider limiting remote access to the affected device and applying network-level controls to reduce exposure.
CVE-2026-11620: Least Privilege Violation in TOTOLINK EX200
Description
CVE-2026-11620 is a medium-severity vulnerability in TOTOLINK EX200 version 4. 0. 3c. 7646 involving a least privilege violation related to the vsftpd component's /etc/vsftpd. conf file. The flaw can be exploited remotely without authentication or user interaction. An exploit has been publicly released, but there are no confirmed reports of exploitation in the wild. No official patch or remediation guidance is currently available from the vendor.
CVSS v4.0
Score 6.9medium
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability affects TOTOLINK EX200 firmware version 4.0.3c.7646 and involves an unknown function within the vsftpd configuration file (/etc/vsftpd.conf) that leads to a least privilege violation. The vulnerability can be triggered remotely without requiring authentication or user interaction, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). The CVSS score of 6.9 reflects a medium severity impact. Although an exploit is publicly available, there is no vendor advisory or patch information provided, and the vulnerability is not related to a cloud service.
Potential Impact
The vulnerability allows an attacker to remotely exploit a least privilege violation in the vsftpd component of TOTOLINK EX200 firmware 4.0.3c.7646. This could potentially allow unauthorized actions beyond intended privilege levels. However, the exact impact details are not specified beyond the least privilege violation. No confirmed exploitation in the wild has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official patch or workaround is provided, users should monitor TOTOLINK communications for updates. Until a fix is available, consider limiting remote access to the affected device and applying network-level controls to reduce exposure.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-06-08T20:14:12.689Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a27860be29bf47b5017a9ab
Added to database: 6/9/2026, 3:18:35 AM
Last enriched: 6/9/2026, 3:33:42 AM
Last updated: 6/9/2026, 4:23:33 AM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.