| Título | LB-LINK BL-WR9000 V2.4.9 over |
|---|
| Descripción | The BLINK WR9000 router has a stack overflow vulnerability. The vulnerability exists in the libshare-0.0.26.so shared library, which is called by the /bin/goahead file. Because the underlying process parsing network configuration strings (such as virtual rule information) fails to limit the length of externally formatted incoming data, and copies it into small-capacity local stack variables, an excessively long malformed input will overwrite the function stack frame, causing the system's Web-side service to crash or potentially leading to arbitrary code execution. |
|---|
| Fuente | ⚠️ https://github.com/glkfc/IoT-Vulnerability/blob/main/LB-LINK/LB-LINK_VirtualRules%20stack%20overflow_EN.md |
|---|
| Usuario | jfkk (UID 79868) |
|---|
| Sumisión | 2026-03-04 08:36 (hace 3 meses) |
|---|
| Moderación | 2026-03-15 19:41 (11 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 351149 [LB-LINK BL-WR9000 2.4.9 /goform/get_virtual_cfg sub_44E8D0 desbordamiento de búfer] |
|---|
| Puntos | 20 |
|---|