Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-pyat-jwsh-cbfz
SummaryA security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.
Aliases
0
alias CVE-2026-11620
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-11620
reference_id
reference_type
scores
0
value 0.00096
scoring_system epss
scoring_elements 0.26693
published_at 2026-06-13T12:55:00Z
1
value 0.00096
scoring_system epss
scoring_elements 0.26678
published_at 2026-06-14T12:55:00Z
2
value 0.00096
scoring_system epss
scoring_elements 0.26477
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-11620
1
reference_url https://vuldb.com/vuln/369301
reference_id 369301
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
2
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-09T16:00:16Z/
url https://vuldb.com/vuln/369301
2
reference_url https://vuldb.com/submit/834825
reference_id 834825
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
2
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-09T16:00:16Z/
url https://vuldb.com/submit/834825
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:totolink:ex200_firmware:*:*:*:*:*:*:*:*
reference_id cpe:2.3:o:totolink:ex200_firmware:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:totolink:ex200_firmware:*:*:*:*:*:*:*:*
4
reference_url https://vuldb.com/vuln/369301/cti
reference_id cti
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
2
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-09T16:00:16Z/
url https://vuldb.com/vuln/369301/cti
5
reference_url https://vuldb.com/cve/CVE-2026-11620
reference_id CVE-2026-11620
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
2
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-09T16:00:16Z/
url https://vuldb.com/cve/CVE-2026-11620
6
reference_url https://www.notion.so/TOTOLink-EX200-V4-0-3c-7646_B20201211-3671f5ba989080ccaa41d9f76fb1906b?source=copy_link
reference_id TOTOLink-EX200-V4-0-3c-7646_B20201211-3671f5ba989080ccaa41d9f76fb1906b?source=copy_link
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
2
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-09T16:00:16Z/
url https://www.notion.so/TOTOLink-EX200-V4-0-3c-7646_B20201211-3671f5ba989080ccaa41d9f76fb1906b?source=copy_link
7
reference_url https://www.totolink.net/
reference_id www.totolink.net
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
2
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R
3
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-06-09T16:00:16Z/
url https://www.totolink.net/
Weaknesses
0
cwe_id 266
name Incorrect Privilege Assignment
description A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
1
cwe_id 272
name Least Privilege Violation
description The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.
Exploits
Severity_range_score5.0 - 6.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-pyat-jwsh-cbfz