GCVE - cpe:2.3:a:lb-link:bl-x26:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:lb-link:bl-x26:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Lb Link (`c4849bfd-1224-5f4c-8b14-44a0ede55748`)
Product	Bl X26 (`58e375d8-41c0-501b-b947-821d7fc0e986`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-9580`	vulnerable	2026-06-03 15:13:46.821257	LB-LINK BL-X26 HTTP set_blacklist os command injection MEDIUM (6.3) A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/set_blacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-08-28T19:02:06.830Z Updated: 2025-08-28T19:58:24.267Z Open on db.gcve.eu Reference links https://vuldb.com/?id.321693 https://vuldb.com/?ctiid.321693 https://vuldb.com/?submit.636083 https://github.com/lin-3-start/lin-cve/blob/main/B-Link%20X26%20V1.2.8-2/B-Link%20X26%20V1.2.8.md https://github.com/lin-3-start/lin-cve/blob/main/B-Link%20X26%20V1.2.8-2/B-Link%20X26%20V1.2.8.md#3poc	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-9579`	vulnerable	2026-06-03 15:13:46.817602	LB-LINK BL-X26 HTTP set_hidessid_cfg os command injection MEDIUM (6.3) A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/set_hidessid_cfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way. Published: 2025-08-28T18:32:09.759Z Updated: 2025-08-28T18:41:59.318Z Open on db.gcve.eu Reference links https://vuldb.com/?id.321692 https://vuldb.com/?ctiid.321692 https://vuldb.com/?submit.636082 https://github.com/lin-3-start/lin-cve/blob/main/B-Link%20X26%20V1.2.8-1/B-Link%20X26%20V1.2.8.md https://github.com/lin-3-start/lin-cve/blob/main/B-Link%20X26%20V1.2.8-1/B-Link%20X26%20V1.2.8.md#3-poc	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.