Search
Search Results (7 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-9579 | 2 B-link, Lb-link | 3 Bl-x26, Bl-x26 Firmware, Bl-x26 | 2025-09-11 | 6.3 Medium |
| A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/set_hidessid_cfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-9580 | 2 B-link, Lb-link | 3 Bl-x26, Bl-x26 Firmware, Bl-x26 | 2025-09-11 | 6.3 Medium |
| A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/set_blacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-45986 | 1 B-link | 16 Bl-ac2100 Az3, Bl-ac2100 Az3 Firmware, Bl-f1200 At1 and 13 more | 2025-07-23 | 9.8 Critical |
| Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 werediscovered to contain a command injection vulnerability via the mac parameter in the bs_SetMacBlack function. | ||||
| CVE-2025-45988 | 1 B-link | 18 Bl-ac1900, Bl-ac1900 Firmware, Bl-ac2100 Az3 and 15 more | 2025-07-10 | 9.8 Critical |
| Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 were discovered to contain multiple command injection vulnerabilities via the cmd parameter in the bs_SetCmd function. | ||||
| CVE-2025-45987 | 1 B-link | 14 Bl-ac2100 Az3, Bl-ac2100 Az3 Firmware, Bl-f1200 At1 and 11 more | 2025-07-10 | 9.8 Critical |
| Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 were discovered to contain multiple command injection vulnerabilities via the dns1 and dns2 parameters in the bs_SetDNSInfo function. | ||||
| CVE-2025-45985 | 1 B-link | 16 Bl-ac2100 Az3, Bl-ac2100 Az3 Firmware, Bl-f1200 At1 and 13 more | 2025-07-10 | 9.8 Critical |
| Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 were discovered to contain a command injection vulnerability via the bs_SetSSIDHide function. | ||||
| CVE-2025-45984 | 1 B-link | 18 Bl-ac1900, Bl-ac1900 Firmware, Bl-ac2100 Az3 and 15 more | 2025-07-10 | 9.8 Critical |
| Blink routers BL-WR9000 V2.4.9, BL-AC1900 V1.0.2, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 V1.0.5, BL-LTE300 V1.2.3, BL-F1200_AT1 V1.0.0, BL-X26_AC8 V1.2.8, BLAC450M_AE4 V4.0.0 and BL-X26_DA3 V1.2.7 were discovered to contain a command injection vulnerability via the routepwd parameter in the sub_45B238 function. | ||||
Page 1 of 1.