In Linksys EA6350 V2.1.2, the chroot_local_user option is...
Low severity
Unreviewed
Published
Jul 21, 2025
to the GitHub Advisory Database
•
Updated Jul 22, 2025
Description
Published by the National Vulnerability Database
Jul 21, 2025
Published to the GitHub Advisory Database
Jul 21, 2025
Last updated
Jul 22, 2025
In Linksys EA6350 V2.1.2, the chroot_local_user option is enabled in the dynamically generated vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.
References