CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-45987

Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 were discovered to contain multiple command injection vulnerabilities via the dns1 and dns2 parameters in the bs_SetDNSInfo function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.9%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/glkfc/IoT-Vulnerability/blob/main/LB-LINK/LB-LINK_dns1%20Unauthorized%20command%20injection/The%20LB-LINK_dns1%20command%20is%20used%20to%20inject%20the%20information.md

Products affected by CVE-2025-45987

B-Link » Bl-Ac2100 Az3 » Version: N/A

cpe:2.3:h:b-link:bl-ac2100_az3:-
B-Link » Bl-F1200 At1 » Version: N/A

cpe:2.3:h:b-link:bl-f1200_at1:-
B-Link » Bl-Lte300 » Version: N/A

cpe:2.3:h:b-link:bl-lte300:-
B-Link » Bl-Wr9000 » Version: N/A

cpe:2.3:h:b-link:bl-wr9000:-
B-Link » Bl-X26 Ac8 » Version: N/A

cpe:2.3:h:b-link:bl-x26_ac8:-
B-Link » Bl-X26 Da3 » Version: N/A

cpe:2.3:h:b-link:bl-x26_da3:-
B-Link » Blac450m Ae4 » Version: N/A

cpe:2.3:h:b-link:blac450m_ae4:-
B-Link » Bl-Ac2100 Az3 Firmware » Version: 1.0.4

cpe:2.3:o:b-link:bl-ac2100_az3_firmware:1.0.4
B-Link » Bl-F1200 At1 Firmware » Version: 1.0.0

cpe:2.3:o:b-link:bl-f1200_at1_firmware:1.0.0
B-Link » Bl-Lte300 Firmware » Version: 1.2.3

cpe:2.3:o:b-link:bl-lte300_firmware:1.2.3
B-Link » Bl-Wr9000 Firmware » Version: 2.4.9

cpe:2.3:o:b-link:bl-wr9000_firmware:2.4.9
B-Link » Bl-X26 Ac8 Firmware » Version: 1.2.8

cpe:2.3:o:b-link:bl-x26_ac8_firmware:1.2.8
B-Link » Bl-X26 Da3 Firmware » Version: 1.2.7

cpe:2.3:o:b-link:bl-x26_da3_firmware:1.2.7
B-Link » Blac450m Ae4 Firmware » Version: 4.0.0

cpe:2.3:o:b-link:blac450m_ae4_firmware:4.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-45987

Products

Pricing

Contact Us