PT-2026-25636 · Lb Link · Lb-Link Bl-Wr9000
Jfkk
+1
·
Published
2026-03-04
·
Updated
2026-03-16
·
CVE-2026-4226
CVSS v2.0
10
Critical
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
LB-LINK BL-WR9000 version 2.4.9
Description
A weakness exists in LB-LINK BL-WR9000 version 2.4.9. The issue is related to the
sub 44E8D0 function within the /goform/get virtual cfg file. A manipulation of this function can lead to a stack-based buffer overflow. The attack can be performed remotely. The exploit for this issue is publicly available. The vendor was contacted regarding this disclosure but did not respond.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Stack Overflow
Memory Corruption
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Lb-Link Bl-Wr9000