Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.6 views

CVE-2026-4228

A vulnerability was detected in LB-LINK BL-WR9000 2.4.9. This affects the function sub458754 of the file /goform/setwifi. The manipulation results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about th...

9.8CVSS6.3AI score0.05166EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:58 p.m.6 views

CVE-2026-4226

A weakness has been identified in LB-LINK BL-WR9000 2.4.9. The affected element is the function sub44E8D0 of the file /goform/getvirtualcfg. Executing a manipulation can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been made available to the public...

9.8CVSS7.8AI score0.00694EPSS
Exploits1References1
NVD
NVD
added 2026/03/16 2:20 p.m.3 views

CVE-2026-4228

A vulnerability was detected in LB-LINK BL-WR9000 2.4.9. This affects the function sub458754 of the file /goform/setwifi. The manipulation results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about th...

9.8CVSS0.05166EPSS
Exploits1References4
NVD
NVD
added 2026/03/16 2:20 p.m.5 views

CVE-2026-4227

A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub44D844 of the file /goform/gethidessidcfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be...

9CVSS0.00664EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/16 8:2 a.m.31 views

CVE-2026-4228 LB-LINK BL-WR9000 set_wifi sub_458754 command injection

A vulnerability was detected in LB-LINK BL-WR9000 2.4.9. This affects the function sub458754 of the file /goform/setwifi. The manipulation results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about th...

6.5CVSS0.05166EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/16 8:2 a.m.1 views

CVE-2026-4228

A vulnerability was detected in LB-LINK BL-WR9000 2.4.9. This affects the function sub458754 of the file /goform/setwifi. The manipulation results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about th...

6.5CVSS5.6AI score0.05166EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/03/16 8:2 a.m.41 views

CVE-2026-4227 LB-LINK BL-WR9000 get_hidessid_cfg sub_44D844 buffer overflow

A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub44D844 of the file /goform/gethidessidcfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be...

9CVSS0.00664EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.8 views

LB-LINK BL-WR9000 安全漏洞

The LB-LINK BL-WR9000 is a wireless router produced by the LB-LINK company. Version 2.4.9 of the LB-LINK BL-WR9000 contains a security vulnerability. This vulnerability stems from operations on the function sub44E8D0 within the file/goform/getvirtualcfg, which may lead to a stack buffer overflow...

9.8CVSS7.7AI score0.00694EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.11 views

PT-2026-25636

A weakness has been identified in LB-LINK BL-WR9000 2.4.9. The affected element is the function sub 44E8D0 of the file /goform/get virtual cfg. Executing a manipulation can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been made available to the...

9CVSS6.3AI score0.00694EPSS
Exploits1References4
VulnCheck KEV
VulnCheck KEV
added 2023/02/01 12:0 a.m.3 views

VulnCheck KEV: CVE-2023-26801

LB-LINK BL-AC19002.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/setLimitClientcfg...

9.8CVSS7.5AI score0.69663EPSS
Exploits1References1
Rows per page
Query Builder