CVE-2024-33373

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-33373
An issue in the LB-LINK BL-W1210M v2.0 router allows attackers to bypass password complexity requirements and set single digit passwords for authentication. This vulnerability can allow attackers to access the router via a brute-force attack.

6.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Password-Policy-Bypass--%7C--Inconsistent-Password-Policy-%28CVE%E2%80%902024%E2%80%9033373%29 Broken Link
https://redfoxsec.com/blog/security-advisory-multiple-vulnerabilities-in-lb-link-bl-w1210m-router/ Third Party Advisory
https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Password-Policy-Bypass--%7C--Inconsistent-Password-Policy-%28CVE%E2%80%902024%E2%80%9033373%29 Broken Link
https://redfoxsec.com/blog/security-advisory-multiple-vulnerabilities-in-lb-link-bl-w1210m-router/ Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:lb-link:bl-w1210m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:lb-link:bl-w1210m:2.0:*:*:*:*:*:*:*
History

06 Jun 2025, 17:16

Type Values Removed Values Added
First Time Lb-link
Lb-link bl-w1210m Firmware
Lb-link bl-w1210m
CPE cpe:2.3:o:lb-link:bl-w1210m_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:lb-link:bl-w1210m:2.0:*:*:*:*:*:*:*
References () https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Password-Policy-Bypass--%7C--Inconsistent-Password-Policy-%28CVE%E2%80%902024%E2%80%9033373%29 - () https://github.com/ShravanSinghRathore/Security-Advisory-Multiple-Vulnerabilities-in-LB-link-BL-W1210M-Router/wiki/Password-Policy-Bypass--%7C--Inconsistent-Password-Policy-%28CVE%E2%80%902024%E2%80%9033373%29 - Broken Link
References () https://redfoxsec.com/blog/security-advisory-multiple-vulnerabilities-in-lb-link-bl-w1210m-router/ - () https://redfoxsec.com/blog/security-advisory-multiple-vulnerabilities-in-lb-link-bl-w1210m-router/ - Third Party Advisory
Information

Published : 2024-06-14 16:15

Updated : 2025-06-06 17:16

NVD link : CVE-2024-33373

Mitre link : CVE-2024-33373

CVE.ORG link : CVE-2024-33373

JSON object : View

Products Affected

lb-link

  • bl-w1210m
  • bl-w1210m_firmware
CWE
CWE-639

Authorization Bypass Through User-Controlled Key