Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/08/31 12:4 a.m.4 views

CVE-2025-9580

A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/setblacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been...

8.8CVSS7AI score0.06729EPSS
Exploits1References1
NVD
NVD
added 2025/08/28 7:15 p.m.4 views

CVE-2025-9579

A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/sethidessidcfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been ma...

8.8CVSS0.0692EPSS
Exploits1References5
CVE
CVE
added 2025/08/28 7:2 p.m.17 views

CVE-2025-9580

CVE-2025-9580 affects LB-LINK BL-X26 v1.2.8. The vulnerability lies in the HTTP Handler’s /goform/set_blacklist where manipulating the mac argument enables OS command injection. Exploitation is possible remotely and publicly disclosed; at least one advisory notes exploitation and lack of vendor r...

8.8CVSS6.4AI score0.06729EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/28 6:32 p.m.3 views

CVE-2025-9579 LB-LINK BL-X26 HTTP set_hidessid_cfg os command injection

A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/sethidessidcfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been ma...

6.5CVSS6.4AI score0.0692EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/08/28 12:0 a.m.6 views

PT-2025-35131

Name of the Vulnerable Software and Affected Versions: LB-LINK BL-X26 version 1.2.8 Description: A security issue has been identified in LB-LINK BL-X26 version 1.2.8 related to the HTTP Handler component. Manipulation of the mac argument in the /goform/set blacklist file can lead to os command...

6.5CVSS6.2AI score0.06729EPSS
Exploits1References8
VulnCheck KEV
VulnCheck KEV
added 2023/02/01 12:0 a.m.3 views

VulnCheck KEV: CVE-2023-26801

LB-LINK BL-AC19002.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/setLimitClientcfg...

9.8CVSS7.5AI score0.69663EPSS
Exploits1References1
Rows per page
Query Builder