
CVE-2025-7574 – LB-LINK BL-WR9000 Web Interface lighttpd.cgi restore improper authentication
https://notcve.org/view.php?id=CVE-2025-7574
14 Jul 2025 — A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. Affected is the function reboot/restore of the file /cgi-bin/lighttpd.cgi of the component Web Interface. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
• https://github.com/waiwai24/0101/blob/main/CVEs/Blink/Privilege_Control_Defect_in_Blink_Router_Web_Interface_Permits_Arbitrary_Sensitive_Operation_Execution.md
• CWE-287: Improper Authentication

CVE-2025-7573 – LB-LINK BL-WR9000 lighttpd.cgi bs_GetManPwd information disclosure
https://notcve.org/view.php?id=CVE-2025-7573
14 Jul 2025 — A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. This issue affects the function bs_GetManPwd in the library libblinkapi.so of the file /cgi-bin/lighttpd.cgi. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
• https://github.com/waiwai24/0101/blob/main/CVEs/Blink/Web_Interface_Login_Credential_Disclosure_Risk_in_Various_Blink_Router_Models.md
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
• CWE-284: Improper Access Control

CVE-2025-7572 – LB-LINK BL-WR9000 lighttpd.cgi bs_GetHostInfo information disclosure
https://notcve.org/view.php?id=CVE-2025-7572
14 Jul 2025 — A vulnerability classified as critical was found in LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. This vulnerability affects the function bs_GetHostInfo in the library libblinkapi.so of the file /cgi-bin/lighttpd.cgi. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
• https://github.com/waiwai24/0101/blob/main/CVEs/Blink/Information_Exposure_Vulnerabilities_in_Various_Blink_Router_Models.md
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
• CWE-284: Improper Access Control

CVE-2025-7565 – LB-LINK BL-AC3600 Web Management Interface lighttpd.cgi geteasycfg information disclosure
https://notcve.org/view.php?id=CVE-2025-7565
14 Jul 2025 — A vulnerability, which was classified as critical, was found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function geteasycfg of the file /cgi-bin/lighttpd.cgi of the component Web Management Interface. The manipulation of the argument Password leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
• https://github.com/waiwai24/0101/blob/main/CVEs/Blink/Plaintext_Password_Leakage_in_the_Web_Management_Interface_of_BL-AC3600_Routers.md
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
• CWE-284: Improper Access Control

CVE-2025-7564 – LB-LINK BL-AC3600 shadow hard-coded credentials
https://notcve.org/view.php?id=CVE-2025-7564
14 Jul 2025 — A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to carry out this attack. The exploit has been disclosed to the public and may be used.
• https://github.com/waiwai24/0101/blob/main/CVEs/Blink/Hardcoded_Credentials_in_BL-AC3600_Routers.md
• CWE-259: Use of Hard-coded Password
• CWE-798: Use of Hard-coded Credentials

CVE-2025-4076 – LB-LINK BL-AC3600 Password lighttpd.cgi easy_uci_set_option_string_0 command injection
https://notcve.org/view.php?id=CVE-2025-4076
29 Apr 2025 — A vulnerability classified as critical has been found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function easy_uci_set_option_string_0 of the file /cgi-bin/lighttpd.cgi of the component Password Handler. The manipulation of the argument routepwd leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
• https://vuldb.com/?id.306513
• CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
• CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

CVE-2025-1610 – LB-LINK AC1900 Router set_blacklist websGetVar OS command injection
https://notcve.org/view.php?id=CVE-2025-1610
24 Feb 2025 — A vulnerability was found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by this issue is the function websGetVar of the file /goform/set_blacklist. The manipulation of the argument mac/enable leads to OS command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
• https://noisy-caravel-a9a.notion.site/LBLINK_AC1900_V1-0-2_-set_blacklist-_-bs_SetMacBlack-_CI-179898c94eac802b9451fcb79aa668c3?pvs=74
• CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
• CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2025-1609 – LB-LINK AC1900 Router set_cmd websGetVar OS command injection
https://notcve.org/view.php?id=CVE-2025-1609
24 Feb 2025 — A vulnerability has been found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by this vulnerability is the function websGetVar of the file /goform/set_cmd. The manipulation of the argument cmd leads to OS command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
• https://noisy-caravel-a9a.notion.site/LBLINK_AC1900_V1-0-2_-set_cmd-_-bs_SetCmd-_CI-179898c94eac808e8875e0b8e1bee47e?pvs=74
• CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
• CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2025-1608 – LB-LINK AC1900 Router set_manpwd websGetVar OS command injection
https://notcve.org/view.php?id=CVE-2025-1608
24 Feb 2025 — A vulnerability, which was classified as critical, was found in LB-LINK AC1900 Router 1.0.2. Affected is the function websGetVar of the file /goform/set_manpwd. The manipulation of the argument routepwd leads to OS command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
• https://noisy-caravel-a9a.notion.site/LBLINK_AC1900_V1-0-2_-set_manpwd-_-bl_do_system-_CI-179898c94eac81b9bf56c1f64db77e2d?pvs=74
• CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
• CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2024-51431
https://notcve.org/view.php?id=CVE-2024-51431
01 Nov 2024 — LB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials stored in /etc/shadow which are easily guessable.
• https://github.com/MatJosephs/CVEs/tree/main/CVE-2024-51431
• CWE-798: Use of Hard-coded Credentials