EUVD-2025-30735

Malicious code in bioql PyPI...

CVE-2025-57685

The LB-Link routers, including the BL-AC2100AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000AE4 v2.4.9, BL-AC1900AZ2 v1.0.2, BL-X26AC8 v1.2.8, and BL-LTE300DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/setserialcfg...

PT-2025-39007

The LB-Link routers, including the BL-AC2100 AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000 AE4 v2.4.9, BL-AC1900 AZ2 v1.0.2, BL-X26 AC8 v1.2.8, and BL-LTE300 DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/set serial...

CVE-2025-57685

The CVE-2025-57685 issue affects LB-Link routers including BL-AC2100_AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000_AE4 v2.4.9, BL-AC1900_AZ2 v1.0.2, BL-X26_AC8 v1.2.8, and BL-LTE300_DA4 V1.2.3. According to the provided sources, the vulnerability is an unauthorized command injection via the /goform/set...

The vulnerability of the reboot() and restore() functions in the /cgi-bin/lighttpd.cgi microprogramming system of LB-LINK routers allows a attacker to execute arbitrary code.

The vulnerability of the reboot and restore functions in the /cgi-bin/lighttpd.cgi microprogramming system of LB-LINK routers is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

CVE-2025-7574

A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. Affected is the function reboot/restore of the file /cgi-bin/lighttpd.cgi of the component Web Interface. The manipulation leads to...

CVE-2025-7574 LB-LINK BL-WR9000 Web Interface lighttpd.cgi restore improper authentication

A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. Affected is the function reboot/restore of the file /cgi-bin/lighttpd.cgi of the component Web Interface. The manipulation leads to...

LB-LINK多款产品 安全漏洞

LB-LINK BL-AC1900 and others are products of China Bilink LB-LINK.LB-LINK BL-AC1900 is a wireless router.LB-LINK BL-AC3600 is a dual-band Gigabit wireless router that supports both 2.4GHz and 5GHz bands for home and small office networks.LB-LINK AC2100AZ3 is a router. A security vulnerability...

LB-LINK多款产品 安全漏洞

LB-LINK BL-X26 and others are products of China Bilink LB-LINK.LB-LINK BL-X26 is a wireless router.LB-LINK BL-LTE300 is a wireless router.LB-LINK BL-AC2100 is a wireless Wi-Fi 6 router. A security vulnerability exists in several LB-LINK products, which stems from a command injection in the cmd...

LB-LINK多款产品 安全漏洞

LB-LINK BL-X26 and others are products of China Bilink LB-LINK.LB-LINK BL-X26 is a wireless router.LB-LINK BL-LTE300 is a wireless router.LB-LINK BL-AC2100 is a wireless Wi-Fi 6 router. A security vulnerability exists in several LB-LINK products, which stems from a command injection in the dns1 a...

LB-LINK多款产品 安全漏洞

LB-LINK BL-X26 and others are products of China Bilink LB-LINK.LB-LINK BL-X26 is a wireless router.LB-LINK BL-LTE300 is a wireless router.LB-LINK BL-AC2100 is a wireless Wi-Fi 6 router. A security vulnerability exists in several LB-LINK products, which stems from a command injection in the mac...

Command injection

LB-LINK BL-AC19002.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/setLimitClientcfg...

Logic Vulnerabilities in Multiple LB-LINK Routers

BL-X22, BL-X16 and BL-X12 are all wireless routers from Shenzhen Bilian Electronics Co. Logic vulnerabilities exist in several LB-LINK routers. Attackers can utilize the vulnerabilities to modify user passwords, wifi passwords and other information...

Command Execution Vulnerability in Multiple LB-LINK Routers

BL-X22, BL-X16 and BL-X12 are all wireless routers from Shenzhen Bilian Electronics Co. A command execution vulnerability exists in multiple LB-LINK routers. An attacker can exploit this vulnerability to gain control of a web server...

Information Disclosure Vulnerability in Multiple LB-LINK Routers

BL-X22, BL-X16 and BL-X12 are all wireless routers from Shenzhen Bilian Electronics Co. An information disclosure vulnerability exists in multiple LB-LINK routers. An attacker can exploit the vulnerabilities to obtain sensitive information...