Totolink: >> T10 Firmware >> 5.9 Security Vulnerabilities
In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chroot_local_user option is enabled in the vsftpd.conf. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.
CVSS Score
9.8
EPSS Score
0.004
Published
2025-07-21