Vulnerability Database

301,027

Total vulnerabilities in the database

CVE-2025-44657

In Linksys EA6350 V2.1.2, the chroot_local_user option is enabled in the dynamically generated vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.

Published: Jul 21, 2025
Updated: Jul 22, 2025
CVE: CVE-2025-44657
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
linksys / ea6350_firmware	2.1.2	2.1.2.x

http://ea6350.com
https://gist.github.com/TPCchecker/7839fbd329ebd2f9f6b105c4926d4b0c

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo