CVE-2026-4228
- EPSS 0.38%
- Veröffentlicht 16.03.2026 08:02:10
- Zuletzt bearbeitet 20.03.2026 18:19:54
A vulnerability was detected in LB-LINK BL-WR9000 2.4.9. This affects the function sub_458754 of the file /goform/set_wifi. The manipulation results in command injection. It is possible to launch the attack remotely. The exploit is now public and may...
CVE-2026-4227
- EPSS 0.12%
- Veröffentlicht 16.03.2026 08:02:08
- Zuletzt bearbeitet 20.03.2026 18:20:28
A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub_44D844 of the file /goform/get_hidessid_cfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. Th...
CVE-2026-4226
- EPSS 0.12%
- Veröffentlicht 16.03.2026 07:32:10
- Zuletzt bearbeitet 20.03.2026 18:21:05
A weakness has been identified in LB-LINK BL-WR9000 2.4.9. The affected element is the function sub_44E8D0 of the file /goform/get_virtual_cfg. Executing a manipulation can lead to stack-based buffer overflow. The attack may be performed from remote....
CVE-2023-26801
- EPSS 60.9%
- Veröffentlicht 26.03.2023 21:15:07
- Zuletzt bearbeitet 05.05.2025 16:15:32
LB-LINK BL-AC1900_2.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/set_LimitClient_cfg.