CVE-2026-11620

MEDIUM NVD

CVSS Score 5.3

Severity MEDIUM

Published Jun 09, 2026

Vendor unknown

Description

A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.

References

https://vuldb.com/cve/CVE-2026-11620
https://vuldb.com/submit/834825
https://vuldb.com/vuln/369301
https://vuldb.com/vuln/369301/cti
https://www.notion.so/TOTOLink-EX200-V4-0-3c-7646_B20201211-3671f5ba989080ccaa41d9f76fb1906b?source=copy_link