Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

LB-LINK — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting LB-LINK. AI-powered Chinese analysis, POCs, and references for each vulnerability.

LB-LINK specializes in networking equipment, including routers and switches, for small to medium businesses and home users. Historically, their products have been vulnerable to multiple remote code execution, cross-site scripting, and privilege escalation flaws, with 14 CVEs documented. Security researchers have frequently identified authentication bypass issues and insecure default configurations. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential risks in unpatched deployments. Their devices often lack timely security updates, leaving exposed networks susceptible to exploitation. Organizations using LB-LINK equipment should prioritize regular firmware updates and network segmentation to mitigate potential threats.

Top products by LB-LINK: AC1900 Router BL-AC3600 BL-AC1900 BL-WR9000 BL-X26
CVE IDTitleCVSSSeverityPublished
CVE-2026-4228 LB-LINK BL-WR9000 set_wifi sub_458754 command injection — BL-WR9000CWE-77 6.3 Medium2026-03-16
CVE-2026-4227 LB-LINK BL-WR9000 get_hidessid_cfg sub_44D844 buffer overflow — BL-WR9000CWE-120 8.8 High2026-03-16
CVE-2026-4226 LB-LINK BL-WR9000 get_virtual_cfg sub_44E8D0 stack-based overflow — BL-WR9000CWE-121 8.8 High2026-03-16
CVE-2025-9580 LB-LINK BL-X26 HTTP set_blacklist os command injection — BL-X26CWE-78 6.3 Medium2025-08-28
CVE-2025-9579 LB-LINK BL-X26 HTTP set_hidessid_cfg os command injection — BL-X26CWE-78 6.3 Medium2025-08-28
CVE-2025-7574 LB-LINK BL-WR9000 Web Interface lighttpd.cgi restore improper authentication — BL-AC1900CWE-287 9.8 Critical2025-07-14
CVE-2025-7573 LB-LINK BL-WR9000 lighttpd.cgi bs_GetManPwd information disclosure — BL-AC1900CWE-200 5.3 Medium2025-07-14
CVE-2025-7572 LB-LINK BL-WR9000 lighttpd.cgi bs_GetHostInfo information disclosure — BL-AC1900CWE-200 5.3 Medium2025-07-14
CVE-2025-7565 LB-LINK BL-AC3600 Web Management Interface lighttpd.cgi geteasycfg information disclosure — BL-AC3600CWE-200 5.3 Medium2025-07-14
CVE-2025-7564 LB-LINK BL-AC3600 shadow hard-coded credentials — BL-AC3600CWE-798 7.8 High2025-07-14
CVE-2025-4076 LB-LINK BL-AC3600 Password lighttpd.cgi easy_uci_set_option_string_0 command injection — BL-AC3600CWE-77 6.3 Medium2025-04-29
CVE-2025-1610 LB-LINK AC1900 Router set_blacklist websGetVar os command injection — AC1900 RouterCWE-78 6.3 Medium2025-02-24
CVE-2025-1609 LB-LINK AC1900 Router set_cmd websGetVar os command injection — AC1900 RouterCWE-78 6.3 Medium2025-02-24
CVE-2025-1608 LB-LINK AC1900 Router set_manpwd websGetVar os command injection — AC1900 RouterCWE-78 6.3 Medium2025-02-24

This page lists every published CVE security advisory associated with LB-LINK. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.