Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The LB-Link routers, including the BL-AC2100_AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000_AE4 v2.4.9, BL-AC1900_AZ2 v1.0.2, BL-X26_AC8 v1.2.8, and BL-LTE300_DA4 V1.2.3 models, are vulnerable to unauthorized command injection. Attackers can exploit this vulnerability by accessing the /goform/set_serial_cfg interface to gain the highest level of device privileges without authorization, enabling them to remotely execute malicious commands.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
LB-Link多款产品 安全漏洞
Vulnerability Description
LB-Link BL-AC2100_AZ3等都是中国必联(LB-Link)公司的一款无线路由器。 LB-Link多款产品存在安全漏洞,该漏洞源于/goform/set_serial_cfg接口存在未授权命令注入,可能导致远程执行恶意命令。以下产品及版本受到影响:BL-AC2100_AZ3 V1.0.4版本、BL-WR4000 v2.5.0版本、BL-WR9000_AE4 v2.4.9版本、BL-AC1900_AZ2 v1.0.2版本、BL-X26_AC8 v1.2.8版本和BL-LTE300_DA4 V1
CVSS Information
N/A
Vulnerability Type
N/A