Lucene search
K

5 matches found

NVD
NVD
added 2025/04/29 6:15 p.m.23 views

CVE-2025-4076

A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...

6.5CVSS0.01921EPSS
Exploits0References5
Circl
Circl
added 2025/04/29 6:12 p.m.8 views

CVE-2025-4076

creationtimestamp| type| source ---|---|--- 2025-04-29 18:12:23+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13886 2025-04-29 19:00:36+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114422791020342282 2025-04-29 19:50:43+00:00| seen|...

6.5CVSS6.2AI score0.01921EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/04/29 6:0 p.m.9 views

CVE-2025-4076 LB-LINK BL-AC3600 Password lighttpd.cgi easy_uci_set_option_string_0 command injection

A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...

6.5CVSS6.9AI score0.01921EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/04/29 6:0 p.m.23 views

CVE-2025-4076 LB-LINK BL-AC3600 Password lighttpd.cgi easy_uci_set_option_string_0 command injection

A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...

6.5CVSS0.01921EPSS
Exploits0References5
CVE
CVE
added 2025/04/29 6:0 p.m.66 views

CVE-2025-4076

CVE-2025-4076 affects LB-LINK BL-AC3600, версии до 1.0.22. Affected component: Password Handler, function easy_uci_set_option_string_0 in /cgi-bin/lighttpd.cgi. The routepwd parameter can be manipulated to trigger command injection, with remote exploitation possible. Public exploit disclosure not...

6.5CVSS6.9AI score0.01921EPSS
Exploits0References5
Rows per page
Query Builder