| Título | TOTOLink CP450 V4.1.0cu.747 Misconfiguration |
|---|
| Descrição | In TOTOLink CP450V4.1.0cu.747 , there is a misconfiguration vulnerability about vsftpd. The vulnerability causes all files uploaded anonymously via FTP to be automatically assigned root ownership, potentially allowing remote attackers to obtain full root access and take complete control of the devices.
Detail:
In the TOTOLink CP450 V4.1.0cu.747 firmware, the content of the /etc/vsftpd.conf is as follows.
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd's)
local_umask=0
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
anon_mkdir_write_enable=YES
# a different user. Note! Using "root" for uploaded files is not
# recommended!
chown_uploads=YES
# ASCII mangling is a horrible feature of the protocol.
ascii_upload_enable=YES
# You may fully customise the login banner string:
ftpd_banner=Welcome to blah FTP service.
# When "listen" directive is enabled, vsftpd runs in standalone mode and
# listens on IPv4 sockets. This directive cannot be used in conjunction
# with the listen_ipv6 directive.
listen=YES
#listen_port=21
ftp_username=nobody |
|---|
| Fonte | ⚠️ https://www.notion.so/TOTOLink-CP450-V4-1-0cu-747-3671f5ba989080c3b39ac3984d2ff44d?source=copy_link |
|---|
| Utilizador | L-14 (UID 98432) |
|---|
| Submissão | 21/05/2026 10h44 (há 19 dias) |
|---|
| Moderação | 08/06/2026 07h45 (18 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 369164 [TOTOLINK CP450 4.1.0cu.747 vsftpd /etc/vsftpd.conf] |
|---|
| Pontos | 17 |
|---|