Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 werediscovered to contain a command injection vulnerability via the mac parameter in the bs_SetMacBlack function.
References
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
Configuration 6 (hide)
| AND |
|
Configuration 7 (hide)
| AND |
|
Configuration 8 (hide)
| AND |
|
History
23 Jul 2025, 20:32
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:h:b-link:bl-x26_da3:-:*:*:*:*:*:*:* cpe:2.3:o:b-link:bl-f1200_at1_firmware:1.0.0:*:*:*:*:*:*:* cpe:2.3:o:b-link:bl-x26_ac8_firmware:1.2.8:*:*:*:*:*:*:* cpe:2.3:h:b-link:blac450m_ae4:-:*:*:*:*:*:*:* |
|
| First Time |
B-link bl-x26 Ac8 Firmware
B-link bl-f1200 At1 Firmware B-link blac450m Ae4 B-link bl-x26 Da3 |
10 Jul 2025, 12:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-06-13 12:15
Updated : 2025-07-23 20:32
NVD link : CVE-2025-45986
Mitre link : CVE-2025-45986
CVE.ORG link : CVE-2025-45986
JSON object : View
Products Affected
b-link
- bl-x26_ac8
- bl-f1200_at1_firmware
- bl-wr9000_firmware
- bl-wr9000
- bl-x26_da3
- bl-f1200_at1
- blac450m_ae4
- blac450m_ae4_firmware
- bl-ac2100_az3
- bl-x10_ac8
- bl-x26_ac8_firmware
- bl-x26_da3_firmware
- bl-lte300_firmware
- bl-ac2100_az3_firmware
- bl-x10_ac8_firmware
- bl-lte300
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')