CVE-2025-44654

Severity CVSS v4.0:
Pending analysis
Type:
CWE-284 Improper Access Control
Publication date:
21/07/2025
Last modified:
22/07/2025

Description

In Linksys E2500 3.0.04.002, the chroot_local_user option is enabled in the vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.