Privilege Escalation Risk in Linksys Router Software by Linksys
CVE-2025-44657

3.9LOW

Key Information:

Vendor: Linksys
Status: EA6350
Vendor: CVE Published:; 21 July 2025

What is CVE-2025-44657?

The Linksys EA6350 router software version 2.1.2 contains a configuration flaw due to the enabled chroot_local_user option in the dynamically generated vsftpd configuration. This vulnerability can result in unauthorized access to system files and may allow attackers to escalate privileges. Additionally, this could enable compromised devices to serve as pivot points for further attacks within the internal network, heightening the security risks associated with this router model.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://ea6350.com

https://gist.github.com/TPCchecker/7839fbd329ebd2f9f6b105...

CVSS V3.1

Score:

3.9

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 21, 2025
Vulnerability Reserved
Apr 22, 2025

JSON

Linksys

What is CVE-2025-44657?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.