PT-2026-25637 · Lb Link · Lb-Link Bl-Wr9000
Jfkk
+1
·
Published
2026-03-04
·
Updated
2026-04-13
·
CVE-2026-4227
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
LB-LINK BL-WR9000 version 2.4.9
Description
A security issue has been identified in LB-LINK BL-WR9000 version 2.4.9. The issue resides in the
sub 44D844 function within the /goform/get hidessid cfg file. Manipulation of this function leads to a buffer overflow, and the attack can be initiated remotely. The exploit for this issue has been publicly disclosed. The vendor was contacted regarding this disclosure but did not respond.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Buffer Overflow
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Lb-Link Bl-Wr9000