- Description
- A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. Affected is the function reboot/restore of the file /cgi-bin/lighttpd.cgi of the component Web Interface. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
- Source
- cna@vuldb.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 8.9
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Secondary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- cna@vuldb.com
- CWE-287
- Hype score
- Not currently trending
CVE-2025-7574 är en kritisk sårbarhet i LB-LINK-routrar som gör det möjligt för angripare att utföra potentiellt allvarliga åtgärder utan korrekt autentisering. Säkerhetsrisker för hem- och företagsnätverk måste hanteras omedelbart. #säkerhet #cybersäkerhet #CVE
@Sakerhetsblogg
14 Jul 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-7574 Remote Authentication Bypass in LB-LINK Router Web Interface Firmw... https://t.co/gh5erEb6wY Vulnerability Alert Subscriptions: https://t.co/hrQhy5uz4x
@VulmonFeeds
14 Jul 2025
72 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-7574 A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. Affecte… https://t.co/qufr1377Vu
@CVEnew
14 Jul 2025
326 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-7574: CRITICAL] Critical cyber security vulnerability found in LB-LINK routers can allow remote attacks. The vendor was notified but did not respond. Stay aware and take precautions.#cve,CVE-2025-7574,#cybersecurity https://t.co/8fgkisD30e https://t.co/zxLg6P8oo9
@CveFindCom
14 Jul 2025
99 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes