13 matches found
CVE-2025-7564
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to approach this...
CVE-2025-7564
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to approach this...
CVE-2025-7565
LB-LINK BL-AC3600 Web Management Interface (lighttpd.cgi geteasycfg) up to version 1.0.22 is affected. The vulnerability stems from improper handling of the Password argument in /cgi-bin/lighttpd.cgi, enabling information disclosure. Attacks can be initiated remotely and the exploit has been publ...
CVE-2025-7564 LB-LINK BL-AC3600 shadow hard-coded credentials
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to approach this...
CVE-2025-7564
CVE-2025-7564 affects LB-LINK BL-AC3600 (firmware 1.0.22). The issue is a local-access vulnerability impacting an unknown function in /etc/shadow, where input manipulation of root:blinkadmin leads to hard-coded credentials exposure. Exploitation is locally feasible with the vulnerability describe...
CVE-2025-7564 LB-LINK BL-AC3600 shadow hard-coded credentials
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to approach this...
PT-2025-29411 · Lb Link · Lb-Link Bl-Ac3600
Name of the Vulnerable Software and Affected Versions: LB-LINK BL-AC3600 version 1.0.22 Description: A critical vulnerability exists in LB-LINK BL-AC3600 version 1.0.22. The issue affects some unknown functionality of the file /etc/shadow. Manipulation of the input root:blinkadmin leads to the...
PT-2025-29412 · Lb Link · Lb-Link Bl-Ac3600
Name of the Vulnerable Software and Affected Versions: LB-LINK BL-AC3600 versions up to 1.0.22 Description: A critical issue exists in the Web Management Interface component of LB-LINK BL-AC3600. The geteasycfg function within the /cgi-bin/lighttpd.cgi file is susceptible to information disclosur...
CVE-2025-4076
A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...
CVE-2025-4076
A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...
CVE-2025-4076 LB-LINK BL-AC3600 Password lighttpd.cgi easy_uci_set_option_string_0 command injection
A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...
CVE-2025-4076 LB-LINK BL-AC3600 Password lighttpd.cgi easy_uci_set_option_string_0 command injection
A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...
PT-2025-18200 · Lb Link · Lb-Link Bl-Ac3600
Name of the Vulnerable Software and Affected Versions: LB-LINK BL-AC3600 versions up to 1.0.22 Description: A critical issue has been discovered, affecting the Password Handler component. Specifically, it impacts the easy uci set option string 0 function within the /cgi-bin/lighttpd.cgi file. The...