Lucene search
K

228 matches found

Positive Technologies
Positive Technologies
added 2024/06/14 12:0 a.m.3 views

PT-2024-25223 · Lb Link · Lb-Link Bl-W1210M

Name of the Vulnerable Software and Affected Versions: LB-LINK BL-W1210M version 2.0 Description: A clickjacking issue was discovered via the Administrator login page. Attackers can cause victim users to perform arbitrary operations by interacting with crafted elements on the web page...

8.1CVSS6.4AI score0.00442EPSS
Exploits1References6
CVE
CVE
added 2024/06/14 12:0 a.m.42 views

CVE-2024-33374

CVE-2024-33374 affects the LB-LINK BL-W1210M v2.0 router. The issue is an incorrect access control in the UART/Serial interface that allows attackers to reach the root terminal without authentication. The CVSS base score is 9.8 (CRITICAL) with NETWORK attack vector, low complexity, no privileges ...

9.8CVSS7.2AI score0.00539EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/14 12:0 a.m.2 views

LB-LINK BL-W1210M Security Breach

LB-LINK BL-W1210M is a wireless router from China Bilink LB-LINK. A security vulnerability exists in LB-LINK BL-W1210M v2.0, which stems from incorrect access control...

9.8CVSS6.8AI score0.00539EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/14 12:0 a.m.2 views

LB-LINK BL-W1210M Security Breach

LB-LINK BL-W1210M is a wireless router from China Bilink LB-LINK. A security vulnerability exists in LB-LINK BL-W1210M version v2.0, which originates from storing user credentials in plain text...

9.8CVSS6.8AI score0.00619EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/06/14 12:0 a.m.2 views

PT-2024-25220 · Lb Link · Lb-Link Bl-W1210M

Name of the Vulnerable Software and Affected Versions: LB-LINK BL-W1210M version 2.0 Description: An issue in the LB-LINK BL-W1210M router allows attackers to bypass password complexity requirements and set single digit passwords for authentication. This can allow attackers to access the router v...

6.3CVSS7.4AI score0.00301EPSS
Exploits0References6
CVE
CVE
added 2024/06/14 12:0 a.m.45 views

CVE-2024-33373

The CVE-2024-33373 issue affects LB-LINK BL-W1210M v2.0 routers. The vulnerability allows bypassing password complexity requirements and setting single-digit passwords, enabling brute-force access to the device. Public documents consistently reference the router model and the authentication weakn...

6.3CVSS7.1AI score0.00301EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/06/14 12:0 a.m.21 views

CVE-2024-33374

Incorrect access control in the UART/Serial interface on the LB-LINK BL-W1210M v2.0 router allows attackers to access the root terminal without authentication...

0.00539EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/14 12:0 a.m.19 views

CVE-2024-33373

An issue in the LB-LINK BL-W1210M v2.0 router allows attackers to bypass password complexity requirements and set single digit passwords for authentication. This vulnerability can allow attackers to access the router via a brute-force attack...

0.00301EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/14 12:0 a.m.22 views

CVE-2024-33375

LB-LINK BL-W1210M v2.0 was discovered to store user credentials in plaintext within the router's firmware...

0.00619EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/06/14 12:0 a.m.25 views

CVE-2024-33377

LB-LINK BL-W1210M v2.0 was discovered to contain a clickjacking vulnerability via the Administrator login page. Attackers can cause victim users to perform arbitrary operations via interaction with crafted elements on the web page...

0.00442EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/06/14 12:0 a.m.4 views

PT-2024-25221 · Lb Link · Lb-Link Bl-W1210M

Name of the Vulnerable Software and Affected Versions: LB-LINK BL-W1210M version 2.0 Description: The issue is related to incorrect access control in the UART/Serial interface, allowing attackers to access the root terminal without authentication. This enables unauthorized access to the system...

9.8CVSS6.6AI score0.00539EPSS
Exploits0References5
CVE
CVE
added 2024/06/14 12:0 a.m.45 views

CVE-2024-33377

LB-LINK BL-W1210M v2.0 is affected by a clickjacking vulnerability on the Administrator login page. The root cause is a UI‑level clickjack surface that can cause victims to perform arbitrary actions via crafted elements. Exploitation details and a formal fix/version are not provided across the co...

8.1CVSS7.4AI score0.00442EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/14 12:0 a.m.12 views

CVE-2024-33374

Incorrect access control in the UART/Serial interface on the LB-LINK BL-W1210M v2.0 router allows attackers to access the root terminal without authentication...

6.9AI score0.00539EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/06/14 12:0 a.m.13 views

CVE-2024-33373

An issue in the LB-LINK BL-W1210M v2.0 router allows attackers to bypass password complexity requirements and set single digit passwords for authentication. This vulnerability can allow attackers to access the router via a brute-force attack...

7AI score0.00301EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.2 views

PT-2024-25222 · Lb Link · Lb-Link Bl-W1210M

Name of the Vulnerable Software and Affected Versions: LB-LINK BL-W1210M version 2.0 Description: The issue concerns the storage of user credentials in plaintext within the router's firmware. This means that sensitive information, such as usernames and passwords, is not encrypted and can be easil...

10CVSS6.2AI score0.00619EPSS
Exploits1References7
Prion
Prion
added 2023/03/26 9:15 p.m.30 views

Command injection

LB-LINK BL-AC19002.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/setLimitClientcfg...

7.5CVSS9.8AI score0.69663EPSS
Exploits1References1Affected Software4
Vulnrichment
Vulnrichment
added 2023/03/26 12:0 a.m.8 views

CVE-2023-26801

LB-LINK BL-AC19002.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/setLimitClientcfg...

10AI score0.69663EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/03/26 12:0 a.m.51 views

CVE-2023-26801

LB-LINK BL-AC19002.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/setLimitClientcfg. Recent assessments: Assessed Attacker Value: 0 Assessed...

9.8CVSS9.9AI score0.69663EPSS
In wildExploits1References3
Cvelist
Cvelist
added 2023/03/26 12:0 a.m.24 views

CVE-2023-26801

LB-LINK BL-AC19002.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/setLimitClientcfg...

10AI score0.69663EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/03/26 12:0 a.m.4 views

PT-2023-2961

Name of the Vulnerable Software and Affected Versions LB-LINK BL-AC1900 2.0 version 1.0.1 LB-LINK BL-WR9000 version 2.4.9 LB-LINK BL-X26 version 1.2.5 LB-LINK BL-LTE300 version 1.0.8 Description The issue is related to a command injection vulnerability via the mac, time1, and time2 parameters at...

10CVSS10AI score0.69663EPSS
Exploits1References19
Rows per page
Query Builder