16 matches found
EUVD-2025-26132
Malicious code in bioql PyPI...
CVE-2025-9580
A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/setblacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been...
CVE-2025-9579
A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/sethidessidcfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been ma...
CVE-2025-9579
A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/sethidessidcfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been ma...
CVE-2025-9580
A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/setblacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been...
CVE-2025-9580 LB-LINK BL-X26 HTTP set_blacklist os command injection
A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/setblacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been...
CVE-2025-9580 LB-LINK BL-X26 HTTP set_blacklist os command injection
A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/setblacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been...
CVE-2025-9580
CVE-2025-9580 affects LB-LINK BL-X26 v1.2.8. The vulnerability lies in the HTTP Handler’s /goform/set_blacklist where manipulating the mac argument enables OS command injection. Exploitation is possible remotely and publicly disclosed; at least one advisory notes exploitation and lack of vendor r...
CVE-2025-9579 LB-LINK BL-X26 HTTP set_hidessid_cfg os command injection
A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/sethidessidcfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been ma...
CVE-2025-9579 LB-LINK BL-X26 HTTP set_hidessid_cfg os command injection
A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/sethidessidcfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been ma...
CVE-2025-9579
CVE-2025-9579 affects LB-LINK BL-X26 v1.2.8; the HTTP Handler’s /goform/set_hidessid_cfg component permits remote command execution via manipulation of the enable argument. The vulnerability stems from an argument handling issue, enabling an OS command injection. Public PoC/exploit code exists, a...
PT-2025-35128
Name of the Vulnerable Software and Affected Versions: LB-LINK BL-X26 version 1.2.8 Description: A weakness exists in the HTTP Handler component due to the manipulation of the enable argument within the /goform/set hidessid cfg file, leading to os command injection. This issue can be exploited...
LB-LINK BL-X26 安全漏洞
LB-LINK BL-X26 is a wireless router from China Bilink LB-LINK. A security vulnerability exists in the LB-LINK BL-X26 version 1.2.8, which originates from an incorrect operation of the parameter enable in the file /goform/sethidessidcfg resulting in os command injection...
PT-2025-35131
Name of the Vulnerable Software and Affected Versions: LB-LINK BL-X26 version 1.2.8 Description: A security issue has been identified in LB-LINK BL-X26 version 1.2.8 related to the HTTP Handler component. Manipulation of the mac argument in the /goform/set blacklist file can lead to os command...
CVE-2023-26801
CVE-2023-26801 affects LB-LINK BL-AC1900_2.0 v1.0.1, BL-WR9000 v2.4.9, BL-X26 v1.2.5, and BL-LTE300 v1.0.8. The vulnerability is a command injection via the mac, time1, and time2 parameters in /goform/set_LimitClient_cfg. Root cause involves improper input handling in the /goform/set_LimitClient_...
VulnCheck KEV: CVE-2023-26801
LB-LINK BL-AC19002.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/setLimitClientcfg...