15 matches found
EUVD-2025-21312
Malicious code in bioql PyPI...
CVE-2025-7572
A vulnerability classified as critical was found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. This vulnerability affects the function bsGetHostInfo in the library libblinkapi.so of the file /cgi-bin/lighttpd.cgi. The manipulation leads to...
CVE-2025-7574
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. Affected is the function reboot/restore of the file /cgi-bin/lighttpd.cgi of the component Web Interface. The manipulation leads to...
CVE-2025-7572
A vulnerability classified as critical was found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. This vulnerability affects the function bsGetHostInfo in the library libblinkapi.so of the file /cgi-bin/lighttpd.cgi. The manipulation leads to...
CVE-2025-7574
The CVE-2025-7574 affects LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000, up to version 20250702. The Web Interface’s /cgi-bin/lighttpd.cgi reboot/restore function is susceptible to improper authentication, enabling remote exploitation. Public disclosures exist; ...
CVE-2025-7574 LB-LINK BL-WR9000 Web Interface lighttpd.cgi restore improper authentication
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. Affected is the function reboot/restore of the file /cgi-bin/lighttpd.cgi of the component Web Interface. The manipulation leads to...
CVE-2025-7573 LB-LINK BL-WR9000 lighttpd.cgi bs_GetManPwd information disclosure
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. This issue affects the function bsGetManPwd in the library libblinkapi.so of the file /cgi-bin/lighttpd.cgi. The manipulation leads ...
CVE-2025-7573 LB-LINK BL-WR9000 lighttpd.cgi bs_GetManPwd information disclosure
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. This issue affects the function bsGetManPwd in the library libblinkapi.so of the file /cgi-bin/lighttpd.cgi. The manipulation leads ...
CVE-2025-7573
LB-LINK vulnerability CVE-2025-7573 affects multiple models (LB-AC1900, LB-AC2100 AZ3, LB-AC3600, LB-AX1800, LB-AX5400P, LB-WR9000) via bs_GetManPwd in libblinkapi.so (/cgi-bin/lighttpd.cgi). The issue allows information disclosure and is exploitable remotely; public exploit disclosure exists. Re...
CVE-2025-7572 LB-LINK BL-WR9000 lighttpd.cgi bs_GetHostInfo information disclosure
A vulnerability classified as critical was found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. This vulnerability affects the function bsGetHostInfo in the library libblinkapi.so of the file /cgi-bin/lighttpd.cgi. The manipulation leads to...
CVE-2025-7572 LB-LINK BL-WR9000 lighttpd.cgi bs_GetHostInfo information disclosure
A vulnerability classified as critical was found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. This vulnerability affects the function bsGetHostInfo in the library libblinkapi.so of the file /cgi-bin/lighttpd.cgi. The manipulation leads to...
PT-2025-29423 · Lb Link · Lb-Link Bl-Ac1900 +5
Name of the Vulnerable Software and Affected Versions: LB-LINK BL-AC1900 LB-LINK BL-AC2100 AZ3 LB-LINK BL-AC3600 LB-LINK BL-AX1800 LB-LINK BL-AX5400P LB-LINK BL-WR9000 versions up to 20250702 Description: A critical vulnerability exists that leads to information disclosure. The issue is located i...
CVE-2023-26801
LB-LINK BL-AC19002.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/setLimitClientcfg...
CVE-2023-26801
LB-LINK BL-AC19002.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/setLimitClientcfg. Recent assessments: Assessed Attacker Value: 0 Assessed...
CVE-2023-26801
LB-LINK BL-AC19002.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/setLimitClientcfg...