| Titel | LB-LINK BL-WR9000 V2.4.9 over |
|---|
| Beschreibung | The BLINK WR9000 router has a stack overflow vulnerability. The vulnerability exists in the libshare-0.0.26.so shared library, which is called by the /bin/goahead file. Because the underlying process parsing network configuration strings (such as virtual rule information) fails to limit the length of externally formatted incoming data, and copies it into small-capacity local stack variables, an excessively long malformed input will overwrite the function stack frame, causing the system's Web-side service to crash or potentially leading to arbitrary code execution. |
|---|
| Quelle | ⚠️ https://github.com/glkfc/IoT-Vulnerability/blob/main/LB-LINK/LB-LINK_VirtualRules%20stack%20overflow_EN.md |
|---|
| Benutzer | jfkk (UID 79868) |
|---|
| Einreichung | 04.03.2026 08:36 (vor 3 Monaten) |
|---|
| Moderieren | 15.03.2026 19:41 (11 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 351149 [LB-LINK BL-WR9000 2.4.9 /goform/get_virtual_cfg sub_44E8D0 Pufferüberlauf] |
|---|
| Punkte | 20 |
|---|