CVE-2025-44657
CVE-2025-44657
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 3.9EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
21 Jul 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Linksys EA6350 V2.1.2, the chroot_local_user option is enabled in the dynamically generated vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Affected products
n/a · n/a