PT-2026-25637 · Lb Link · Lb-Link Bl-Wr9000

Jfkk

Publicado

2026-03-04

Atualizado

2026-04-13

CVE-2026-4227

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions LB-LINK BL-WR9000 version 2.4.9

Description A security issue has been identified in LB-LINK BL-WR9000 version 2.4.9. The issue resides in the sub 44D844 function within the /goform/get hidessid cfg file. Manipulation of this function leads to a buffer overflow, and the attack can be initiated remotely. The exploit for this issue has been publicly disclosed. The vendor was contacted regarding this disclosure but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-120CWE-119CWE-125

Identificadores relacionados

BDU:2026-04239

CVE-2026-4227

Produtos afetados

Lb-Link Bl-Wr9000

PT-2026-25637 · Lb Link · Lb-Link Bl-Wr9000

CVE-2026-4227

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12