10 matches found
CVE-2026-4227
A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub44D844 of the file /goform/gethidessidcfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be...
EUVD-2026-12369
A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub44D844 of the file /goform/gethidessidcfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be...
CVE-2026-4227
A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub44D844 of the file /goform/gethidessidcfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be...
CVE-2026-4227
A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub44D844 of the file /goform/gethidessidcfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be...
CVE-2026-4227
LB-LINK BL-WR9000 (firmware 2.4.9) is affected by a buffer overflow in the function sub_44D844 of /goform/get_hidessid_cfg. The vulnerability enables remote exploitation and has publicly disclosed exploit code. Both CVE records identify the issue and context; no remediation details are provided i...
CVE-2025-9579 LB-LINK BL-X26 HTTP set_hidessid_cfg os command injection
A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/sethidessidcfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been ma...
CVE-2025-9579 LB-LINK BL-X26 HTTP set_hidessid_cfg os command injection
A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/sethidessidcfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been ma...
PT-2025-35128
Name of the Vulnerable Software and Affected Versions: LB-LINK BL-X26 version 1.2.8 Description: A weakness exists in the HTTP Handler component due to the manipulation of the enable argument within the /goform/set hidessid cfg file, leading to os command injection. This issue can be exploited...
VulnCheck KEV: CVE-2025-29063
An issue in BL-AC2100 V1.0.4 and before allows a remote attacker to execute arbitrary code via the enable parameter passed to /goform/sethidessidcfg is not handled properly...
CVE-2025-29063
An issue in BL-AC2100 V1.0.4 and before allows a remote attacker to execute arbitrary code via the enable parameter passed to /goform/sethidessidcfg is not handled properly...