Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Lb-link Subscribe
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-33373 1 Lb-link 2 Bl-w1210m, Bl-w1210m Firmware 2025-06-06 N/A 6.3 MEDIUM
An issue in the LB-LINK BL-W1210M v2.0 router allows attackers to bypass password complexity requirements and set single digit passwords for authentication. This vulnerability can allow attackers to access the router via a brute-force attack.
CVE-2024-33377 1 Lb-link 2 Bl-w1210m, Bl-w1210m Firmware 2025-05-30 N/A 8.1 HIGH
LB-LINK BL-W1210M v2.0 was discovered to contain a clickjacking vulnerability via the Administrator login page. Attackers can cause victim users to perform arbitrary operations via interaction with crafted elements on the web page.
CVE-2024-33375 1 Lb-link 2 Bl-w1210m, Bl-w1210m Firmware 2025-05-30 N/A 9.8 CRITICAL
LB-LINK BL-W1210M v2.0 was discovered to store user credentials in plaintext within the router's firmware.
CVE-2023-26801 1 Lb-link 8 Bl-ac1900, Bl-ac1900 Firmware, Bl-lte300 and 5 more 2025-05-05 N/A 9.8 CRITICAL
LB-LINK BL-AC1900_2.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/set_LimitClient_cfg.
CVE-2025-29062 1 Lb-link 2 Bl-ac2100, Bl-ac2100 Firmware 2025-04-29 N/A 9.8 CRITICAL
An issue in BL-AC2100 <=V1.0.4 allows a remote attacker to execute arbitrary code via the time1 and time2 parameters in the set_LimitClient_cfg of the goahead webservice.
CVE-2025-29063 1 Lb-link 2 Bl-ac2100, Bl-ac2100 Firmware 2025-04-29 N/A 9.8 CRITICAL
An issue in BL-AC2100 V1.0.4 and before allows a remote attacker to execute arbitrary code via the enable parameter passed to /goform/set_hidessid_cfg is not handled properly.
CVE-2024-51431 1 Lb-link 2 Bl-wr1300h, Bl-wr1300h Firmware 2024-11-05 N/A 9.8 CRITICAL
LB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials stored in /etc/shadow which are easily guessable.