EUVD-2025-22120

Malicious code in bioql PyPI...

CVE-2025-44657

In Linksys EA6350 V2.1.2, the chrootlocaluser option is enabled in the dynamically generated vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks...

CVE-2025-44654

In Linksys E2500 3.0.04.002, the chrootlocaluser option is enabled in the vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks...

CVE-2025-44655

In TOTOLink A7100RU V7.4, A950RG V5.9, and T10 V5.9, the chrootlocaluser option is enabled in the vsftpd.conf. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks...

CVE-2025-44654

In Linksys E2500 3.0.04.002, the chrootlocaluser option is enabled in the vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks...

CVE-2025-44657

In Linksys EA6350 V2.1.2, the chrootlocaluser option is enabled in the dynamically generated vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks...

CVE-2025-44657

This CVE affects Linksys EA6350 V2.1.2 where chroot_local_user is enabled in the dynamically generated vsftpd config, enabling potential unauthorized access to system files and privilege escalation, with the device acting as a pivot point on the affected LAN. The vulnerability is driven by the ch...