CVE-2026-11620
5.3 MEDIUMA security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646
Published: 2026-06-09 · Last updated: 2026-06-09
Severity and scoring
- CVSS
- 5.3 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
- CWE
- CWE-266, CWE-272
Description
A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-11620
- [Other]https://vuldb.com/cve/CVE-2026-11620
- [Other]https://vuldb.com/submit/834825
- [Other]https://vuldb.com/vuln/369301
- [Other]https://vuldb.com/vuln/369301/cti
- [Other]https://www.notion.so/TOTOLink-EX200-V4-0-3c-7646_B20201211-3671f5ba989080ccaa41d9f76fb1906b?source=copy_link
- [Other]https://www.totolink.net/
Related CVEs
Same CWE
- CVE-2026-11619 — A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2 (6.3 MEDIUM)
- CVE-2026-11555 — A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006 (3.7 LOW)
- CVE-2026-11554 — A vulnerability was determined in TOTOLINK CP450 4.1.0cu.747 (4.3 MEDIUM)
- CVE-2026-11533 — A security vulnerability has been detected in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46 (5.4 MEDIUM)
- CVE-2026-11532 — A weakness has been identified in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46 (6.3 MEDIUM)