CVE-2026-11494

EUVD-2026-35025
A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
Common Weakness Enumeration
References
https://vuldb.com/cve/CVE-2026-11494
https://vuldb.com/submit/834819
https://vuldb.com/vuln/369114
https://vuldb.com/vuln/369114/cti
https://www.notion.so/TOTOLink-AC1200T8-V4-1-5cu-8611-3671f5ba989080a6aa03e6adbdd1d104?source=copy_link
https://www.totolink.net/
https://vuldb.com/submit/834819