LB-LINK BL-AC1900_2.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/set_LimitClient_cfg.
CPE | Name | Operator | Version |
---|---|---|---|
bl-ac1900_firmware | eq | 1.0.1 | |
bl-lte300_firmware | eq | 1.0.8 | |
bl-wr9000_firmware | eq | 2.4.9 | |
bl-x26_firmware | eq | 1.2.5 |