LB-LINK BL-X26
Approved changes feed: RSS · Atom
cpe:2.3:h:lb-link:bl-x26:-:*:*:*:*:*:*:*
part: h version: - update: *
| Vendor | Lb Link (c4849bfd-1224-5f4c-8b14-44a0ede55748) |
|---|---|
| Product | Bl X26 (58e375d8-41c0-501b-b947-821d7fc0e986) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-9580 |
not_vulnerable | 2026-06-03 15:13:46.823993 |
LB-LINK BL-X26 HTTP set_blacklist os command injection
MEDIUM (6.3)
A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/set_blacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2025-08-28T19:02:06.830Z
Updated: 2025-08-28T19:58:24.267Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-26801 |
not_vulnerable | 2026-06-03 14:51:00.374509 |
Details available
LB-LINK BL-AC1900_2.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/set_LimitClient_cfg.
Published: 2023-03-26T00:00:00.000Z
Updated: 2025-05-05T16:03:35.752Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.