CNNVD-202601-4566 Information

CNNVD ID

CNNVD-202601-4566

Related CVE

CVE-2025-12386

• CNNVD Published: 2026-01-27

Description (Chinese)

Pix-Link LV-WR21Q是中国Pix-Link公司的一款无线路由器。 Pix-Link LV-WR21Q存在访问控制错误漏洞，该漏洞源于端点/goform/getHomePageInfo缺少身份验证，可能导致未经身份验证的攻击者检索明文密码。

Description (English)

Pix-Link LV-WR21Q is a wireless router of Pix-Link China. Pix-Link LV-WR21Q has an access control error loophole, which stems from the lack of identification at the end point/goform/getHomePageInfo, which may lead to the search of explicit passwords by the attacker without identification.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

PIX-LINK

Published

2026-01-27

Last Modified

2026-02-24

References

https://www.pix-link.com/lv-wr21q https://cert.pl/en/posts/2026/01/CVE-2025-12386 https://github.com/wcyb/security_research https://access.redhat.com/security/cve/cve-2025-12386