CVE-2025-29063

Critical CVSS: 9.8

An issue in BL-AC2100 V1.0.4 and before allows a remote attacker to execute arbitrary code via the enable parameter passed to /goform/set_hidessid_cfg is not handled properly.

Vendor

Lb-link

Product

Bl-ac2100 Firmware

CWE

CWE-77

Yayın Tarihi

2025-04-02 21:15:32

Güncelleme

2025-04-29 13:38:03

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-77 Bl-ac2100 Firmware CRITICAL Lb-link 2025

Referanslar

https://www.yuque.com/jichujiliangdanwei/vwbq9e/grfgkm2kvk6btwbp https://www.yuque.com/jichujiliangdanwei/vwbq9e/ux1426h170rhgfn7 https://www.yuque.com/jichujiliangdanwei/vwbq9e/ux1426h170rhgfn7

Benzer Kayıtlar

Medium

CVE-2026-4228

A vulnerability was detected in LB-LINK BL-WR9000 2.4.9. This affects the function sub_458754 of the file /goform/set_wi…

High

CVE-2026-4226

A weakness has been identified in LB-LINK BL-WR9000 2.4.9. The affected element is the function sub_44E8D0 of the file /…

High

CVE-2026-4227

A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub_44D844 o…

High

CVE-2025-10773

A security flaw has been discovered in B-Link BL-AC2100 up to 1.0.3. Affected by this issue is the function delshrpath o…

High

CVE-2025-57278

The LB-Link BL-CPE300M AX300 4G LTE Router firmware version BL-R8800_B10_ALK_SL_V01.01.02P42U14_06 does not implement pr…

Medium

CVE-2025-7565

A vulnerability, which was classified as critical, was found in LB-LINK BL-AC3600 up to 1.0.22. This affects the functio…