We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-7574

LB-LINK BL-WR9000 Web Interface lighttpd.cgi restore improper authentication



Description

EN DE

A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 up to 20250702. Affected is the function reboot/restore of the file /cgi-bin/lighttpd.cgi of the component Web Interface. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Es wurde eine Schwachstelle in LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600, BL-AX1800, BL-AX5400P and BL-WR9000 bis 20250702 gefunden. Sie wurde als kritisch eingestuft. Es geht dabei um die Funktion reboot/restore der Datei /cgi-bin/lighttpd.cgi der Komponente Web Interface. Dank der Manipulation mit unbekannten Daten kann eine improper authentication-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.

Reserved 2025-07-13 | Published 2025-07-14 | Updated 2025-07-14 | Assigner VulDB


CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:R
CRITICAL: 9.8CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:R
10.0AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:W/RC:UR

Problem types

Improper Authentication

Product status

20250702
affected

20250702
affected

20250702
affected

20250702
affected

20250702
affected

20250702
affected

Timeline

2025-07-13:Advisory disclosed
2025-07-13:VulDB entry created
2025-07-13:VulDB entry last update

Credits

waiwai24 (VulDB User) reporter

References

vuldb.com/?id.316272 (VDB-316272 | LB-LINK BL-WR9000 Web Interface lighttpd.cgi restore improper authentication) vdb-entry technical-description

vuldb.com/?ctiid.316272 (VDB-316272 | CTI Indicators (IOB, IOC, IOA)) signature permissions-required

vuldb.com/?submit.608018 (Submit #608018 | Blink BL-AX5400P V1.0.19、BL-AX1800 V1.0.19、BL-AC3600 V1.0.22、BL-WR9000 V2.4.9、BL-AC1900 V1.0.2、BL-AC2100_AZ3 V1.0.4 BL-AX5400P V1.0.19、BL-AX1800 V1.0.19、BL-AC3600 V1.0.22、BL-WR9000 V2.4.9、BL-AC1900 V1.0.2、BL-AC2100_AZ3 V1.0.4 Incorrect) third-party-advisory

github.com/...its_Arbitrary_Sensitive_Operation_Execution.md related

github.com/...its_Arbitrary_Sensitive_Operation_Execution.md exploit

cve.org (CVE-2025-7574)

nvd.nist.gov (CVE-2025-7574)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-7574

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.