7 matches found
CVE-2025-7573 LB-LINK BL-WR9000 lighttpd.cgi bs_GetManPwd information disclosure
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. This issue affects the function bsGetManPwd in the library libblinkapi.so of the file /cgi-bin/lighttpd.cgi. The manipulation leads ...
CVE-2025-7572
CVE-2025-7572 affects LB-LINK models LB-AC1900, LB-AC2100 AZ3, LB-AC3600, LB-AX1800, LB-AX5400P, and LB-WR9000 up to version 20250702. The root cause is information disclosure via the function bs_GetHostInfo in libblinkapi.so, invoked through /cgi-bin/lighttpd.cgi. Attack vector is remote over ne...
CVE-2025-7572 LB-LINK BL-WR9000 lighttpd.cgi bs_GetHostInfo information disclosure
A vulnerability classified as critical was found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. This vulnerability affects the function bsGetHostInfo in the library libblinkapi.so of the file /cgi-bin/lighttpd.cgi. The manipulation leads to...
CVE-2025-7572 LB-LINK BL-WR9000 lighttpd.cgi bs_GetHostInfo information disclosure
A vulnerability classified as critical was found in LB-LINK BL-AC1900, BL-AC2100AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. This vulnerability affects the function bsGetHostInfo in the library libblinkapi.so of the file /cgi-bin/lighttpd.cgi. The manipulation leads to...
CVE-2025-7565 LB-LINK BL-AC3600 Web Management Interface lighttpd.cgi geteasycfg information disclosure
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function geteasycfg of the file /cgi-bin/lighttpd.cgi of the component Web Management Interface. The manipulation of the argument Password leads to information disclosure. It is possib...
LB-LINK BL-AC3600 访问控制错误漏洞
LB-LINK BL-AC3600 is a dual-band Gigabit wireless router from China Bilink LB-LINK that supports 2.4GHz and 5GHz bands for home and small office networks. An access control error vulnerability exists in LB-LINK BL-AC3600 1.0.22 and earlier versions, which originates from improper operation of the...
CVE-2025-4076 LB-LINK BL-AC3600 Password lighttpd.cgi easy_uci_set_option_string_0 command injection
A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easyucisetoptionstring0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to...