CVE-2026-11494
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk16th percentile - higher than 16% of all known CVEs
Summary
A vulnerability has been detected in the TOTOLINK AC1200 T8 device version 4.1.5cu.8611, affecting the file /etc/vsftpd.conf of the vsftpd component. Manipulation of this file leads to least privilege violation.
Risk Assessment
An attacker may remotely exploit this vulnerability, posing a risk of unauthorized access to the system.
Recommendation
It is recommended to update the software to the latest version and monitor access to the vsftpd configuration file.
Original NVD description (English source)
A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

