Unrated severityNVD Advisory· Published Jul 26, 2025· Updated Jul 28, 2025

TOTOLINK N600R/X2000R FTP Service vsftpd.conf least privilege violation

CVE-2025-8181

Description

A vulnerability, which was classified as critical, was found in TOTOLINK N600R and X2000R 1.0.0.1. This affects an unknown part of the file vsftpd.conf of the component FTP Service. The manipulation leads to least privilege violation. It is possible to initiate the attack remotely.

Affected products

Totolink/N600Rllm-fuzzy
Range: = 1.0.0.1
Totolink/X2000R-Ghllm-fuzzy
Range: = 1.0.0.1
TOTOLINK/N600Rv5
Range: 1.0.0.1
TOTOLINK/X2000Rv5
Range: 1.0.0.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

vuldb.commitrethird-party-advisory
vuldb.commitrethird-party-advisory
vuldb.commitresignaturepermissions-required
vuldb.commitrevdb-entry
www.notion.so/23a54a1113e780c08f3acca6a746d732mitrerelated
www.totolink.netmitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000