CVE-2023-26801 Information

Description

LB-LINK BL-AC1900_2.0 v1.0.1 LB-LINK BL-WR9000 v2.4.9 LB-LINK BL-X26 v1.2.5 and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac time1 and time2 parameters at /goform/set_LimitClient_cfg.

Reference

https://github.com/winmt/my-vuls/tree/main/LB-LINK%20BL-AC1900%2C%20BL-WR9000%2C%20BL-X26%20and%20BL-LTE300%20Wireless%20Routers