Lb-Link: Security Vulnerabilities
LB-LINK BL-WR 1300H v.1.0.4 contains hardcoded credentials stored in /etc/shadow which are easily guessable.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-11-01
An issue in the LB-LINK BL-W1210M v2.0 router allows attackers to bypass password complexity requirements and set single digit passwords for authentication. This vulnerability can allow attackers to access the router via a brute-force attack.
CVSS Score
6.3
EPSS Score
0.0
Published
2024-06-14
LB-LINK BL-W1210M v2.0 was discovered to store user credentials in plaintext within the router's firmware.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-06-14
LB-LINK BL-W1210M v2.0 was discovered to contain a clickjacking vulnerability via the Administrator login page. Attackers can cause victim users to perform arbitrary operations via interaction with crafted elements on the web page.
CVSS Score
8.1
EPSS Score
0.001
Published
2024-06-14
LB-LINK BL-AC1900_2.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/set_LimitClient_cfg.
CVSS Score
9.8
EPSS Score
0.526
Published
2023-03-26
Page 2