Vulnerability Details CVE-2025-45984
Blink routers BL-WR9000 V2.4.9, BL-AC1900 V1.0.2, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 V1.0.5, BL-LTE300 V1.2.3, BL-F1200_AT1 V1.0.0, BL-X26_AC8 V1.2.8, BLAC450M_AE4 V4.0.0 and BL-X26_DA3 V1.2.7 were discovered to contain a command injection vulnerability via the routepwd parameter in the sub_45B238 function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.9%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2025-45984
-
cpe:2.3:h:b-link:bl-ac1900:-
-
cpe:2.3:h:b-link:bl-ac2100_az3:-
-
cpe:2.3:h:b-link:bl-f1200_at1:-
-
cpe:2.3:h:b-link:bl-lte300:-
-
cpe:2.3:h:b-link:bl-wr9000:-
-
cpe:2.3:h:b-link:bl-x10_ac8:-
-
cpe:2.3:h:b-link:bl-x26_ac8:-
-
cpe:2.3:h:b-link:bl-x26_da3:-
-
cpe:2.3:h:b-link:blac450m_ae4:-
-
cpe:2.3:o:b-link:bl-ac1900_firmware:1.0.2
-
cpe:2.3:o:b-link:bl-ac2100_az3_firmware:1.0.4
-
cpe:2.3:o:b-link:bl-f1200_at1_firmware:1.0.0
-
cpe:2.3:o:b-link:bl-lte300_firmware:1.2.3
-
cpe:2.3:o:b-link:bl-wr9000_firmware:2.4.9
-
cpe:2.3:o:b-link:bl-x10_ac8_firmware:1.0.5
-
cpe:2.3:o:b-link:bl-x26_ac8_firmware:1.2.8
-
cpe:2.3:o:b-link:bl-x26_da3_firmware:1.2.7
-
cpe:2.3:o:b-link:blac450m_ae4_firmware:4.0.0