CVE-2025-8181
BaseFortify
Publication date: 2025-07-26
Last updated on: 2025-10-09
Assigner: VulDB
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| totolink | n600r_firmware | 4.3.0 |
| totolink | n600r | * |
| totolink | x2000r_firmware | 1.0.0 |
| totolink | x2000r | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-266 | A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor. |
| CWE-272 | The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8181 is a critical vulnerability in the FTP service configuration file (vsftpd.conf) of TOTOLINK N600R and X2000R routers (version 1.0.0.1). The issue is a least privilege violation caused by a misconfiguration where the 'chown_uploads' property is enabled but the 'chown_username' property is not set, defaulting to 'root'. This causes files uploaded anonymously via FTP to be owned by the root user, allowing remote attackers with anonymous FTP access to gain root-level control over the device. The vulnerability can be exploited remotely and impacts confidentiality, integrity, and availability of the affected systems. [1, 2, 3]
How can this vulnerability impact me?
This vulnerability can allow remote attackers with anonymous FTP access to gain root-level control over affected TOTOLINK N600R and X2000R devices. This means attackers can fully control the device, potentially compromising the confidentiality, integrity, and availability of the system. Such control could lead to unauthorized access, data theft, service disruption, or further attacks within a network. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking the vsftpd.conf configuration file on TOTOLINK N600R and X2000R devices for the presence of the 'chown_uploads' property enabled without an explicit 'chown_username' set, which defaults to 'root'. Commands to detect this could include accessing the device via SSH or console and running commands like 'cat /etc/vsftpd.conf | grep chown_uploads' and 'cat /etc/vsftpd.conf | grep chown_username' to verify these settings. Additionally, monitoring FTP uploads for files owned by root when anonymous uploads are allowed could indicate the vulnerability. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling the 'chown_uploads' property in the vsftpd.conf file or explicitly setting the 'chown_username' property to a non-root user to prevent uploaded files from being owned by root. Since no known countermeasures or patches are currently available, it is also recommended to replace the affected TOTOLINK N600R and X2000R devices or update to a firmware version that addresses this issue once available. [1, 2, 3]
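The detection and mitigation answers above boil down to one configuration check: is chown_uploads enabled while chown_username is absent (vsftpd's documented default for chown_username is root) or explicitly set to root? The script below is an added example, not code from the BaseFortify page or from TOTOLINK; it audits a vsftpd.conf the same way the grep commands above do, but resolves the default and gives a pass/fail verdict, and it shows a corrected configuration beside the weak one. The file path /etc/vsftpd.conf is assumed from the page's own commands, and both sample configurations are constructed here, not taken from the device firmware.

```shell
#!/bin/sh
# Added example (not from the BaseFortify page): audit a vsftpd.conf for the
# CVE-2025-8181 misconfiguration, i.e. chown_uploads=YES while chown_username
# is unset (vsftpd then falls back to its built-in default, root) or is
# explicitly set to root.
# Usage: sh check_vsftpd.sh [/etc/vsftpd.conf]
# Without an argument it runs against two constructed sample files.

# Print the value of a vsftpd option, ignoring comments and whitespace.
# vsftpd reads KEY=VALUE lines; as in vsftpd, the last occurrence wins.
vsftpd_opt() {
    # $1 = config file, $2 = option name
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\([^[:space:]]*\).*/\1/p" "$1" | tail -n 1
}

# Returns 0 when the file is safe, 1 when it carries the vulnerable pattern.
check_vsftpd_conf() {
    conf="$1"
    uploads=$(vsftpd_opt "$conf" chown_uploads | tr 'a-z' 'A-Z')
    owner=$(vsftpd_opt "$conf" chown_username)
    case "$uploads" in
        YES|TRUE|1) ;;   # vsftpd accepts these spellings for a boolean "on"
        *) echo "$conf: chown_uploads not enabled - not affected"; return 0 ;;
    esac
    # An unset chown_username means vsftpd uses its default of root
    if [ -z "$owner" ] || [ "$owner" = "root" ]; then
        echo "$conf: chown_uploads=YES with chown_username=${owner:-<unset, defaults to root>} - VULNERABLE"
        return 1
    fi
    echo "$conf: uploads are chowned to '$owner' - OK"
    return 0
}

# Constructed sample configurations (the real device file is not on the page).
tmpdir=$(mktemp -d)
trap 'rm -rf "$tmpdir"' EXIT

# Weak: anonymous uploads enabled, chown_uploads on, chown_username omitted
cat > "$tmpdir/vulnerable.conf" <<'EOF'
anonymous_enable=YES
write_enable=YES
anon_upload_enable=YES
chown_uploads=YES
EOF

# Corrected: uploads are chowned to a dedicated unprivileged account
# (disabling chown_uploads entirely is the other fix the page names)
cat > "$tmpdir/fixed.conf" <<'EOF'
anonymous_enable=YES
write_enable=YES
anon_upload_enable=YES
chown_uploads=YES
chown_username=ftpupload
EOF

if [ -n "${1:-}" ]; then
    check_vsftpd_conf "$1"
else
    check_vsftpd_conf "$tmpdir/vulnerable.conf" || true
    check_vsftpd_conf "$tmpdir/fixed.conf"
fi
```

The check is deliberately strict about the default: a file that never mentions chown_username is reported as vulnerable, because that is exactly the case the advisory describes. The chown_username value ftpupload is a placeholder; any existing, unprivileged local account works, and the account should have no login shell.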