CVE-2026-4227

High CVSS: 7.4

A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub_44D844 of the file /goform/get_hidessid_cfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vendor

Lb-link

Product

Bl-wr9000 Firmware

CWE

CWE-119

Yayın Tarihi

2026-03-16 14:20:15

Güncelleme

2026-03-20 18:20:28

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-119 Bl-wr9000 Firmware HIGH Lb-link 2026

Referanslar

https://github.com/glkfc/IoT-Vulnerability/blob/main/LB-LINK/LB-LINK_HideSSID%20stack%20overflow_EN.md https://vuldb.com/?ctiid.351150 https://vuldb.com/?id.351150 https://vuldb.com/?submit.771209

Benzer Kayıtlar

Medium

CVE-2026-4228

A vulnerability was detected in LB-LINK BL-WR9000 2.4.9. This affects the function sub_458754 of the file /goform/set_wi…

High

CVE-2026-4226

A weakness has been identified in LB-LINK BL-WR9000 2.4.9. The affected element is the function sub_44E8D0 of the file /…

High

CVE-2025-10773

A security flaw has been discovered in B-Link BL-AC2100 up to 1.0.3. Affected by this issue is the function delshrpath o…

High

CVE-2025-57278

The LB-Link BL-CPE300M AX300 4G LTE Router firmware version BL-R8800_B10_ALK_SL_V01.01.02P42U14_06 does not implement pr…

Medium

CVE-2025-7565

A vulnerability, which was classified as critical, was found in LB-LINK BL-AC3600 up to 1.0.22. This affects the functio…

High

CVE-2025-7564

A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is…