Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 were discovered to contain a command injection vulnerability via the bs_SetSSIDHide function.
References
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
History
10 Jul 2025, 12:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-06-13 12:15
Updated : 2025-07-10 12:15
NVD link : CVE-2025-45985
Mitre link : CVE-2025-45985
CVE.ORG link : CVE-2025-45985
JSON object : View
Products Affected
b-link
- bl-x26_ac8
- bl-f1200_at1_firmware
- bl-wr9000_firmware
- bl-wr9000
- bl-f1200_at1
- bl-x26_da3
- blac450m_ae4
- blac450m_ae4_firmware
- bl-ac2100_az3
- bl-x10_ac8
- bl-x26_ac8_firmware
- bl-x26_da3_firmware
- bl-lte300_firmware
- bl-ac2100_az3_firmware
- bl-x10_ac8_firmware
- bl-lte300
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')