CNNVD-202509-3626 Information
CNNVD ID
CNNVD-202509-3626
Related CVE
- CNNVD Published: 2025-09-22
Description (Chinese)
LB-LINK BL-AC2100是中国必联(LB-LINK)公司的一款无线 Wi-Fi 6 路由器。 LB-LINK BL-AC2100 1.0.3及之前版本存在安全漏洞,该漏洞源于Web管理接口组件中/goform/set_delshrpath_cfg文件的delshrpath函数对参数Type处理不当,可能导致基于栈的缓冲区溢出。
Description (English)
LB-LINK BL-AC 2100 is a wireless Wi-Fi 6 router of the Chinese Federation of Free Unions (LB-LINK). There is a security gap in LB-LINK BL-AC 2100 1.0.3 and earlier versions, which stems from the inappropriate handling of parameters by the delshrpath function of the Web Management Interface component/goform/set delshrpath cfg file, which could result in a spilling of a cage-based buffer zone.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
网御星云
Published
2025-09-22
Last Modified
2026-02-24
References
https://github.com/maximdevere/CVE2/blob/main/README.md https://vuldb.com/?id.325129 https://vuldb.com/?ctiid.325129 https://vuldb.com/?submit.649901 https://access.redhat.com/security/cve/cve-2025-10773
Share on: