| タイトル | LB-LINK BL-WR9000 V2.4.9 over |
|---|
| 説明 | The BLINK WR9000 router has a stack overflow vulnerability. The vulnerability exists in the libshare-0.0.26.so shared library, which is called by the /bin/goahead file. Because the underlying process parsing network configuration strings (such as virtual rule information) fails to limit the length of externally formatted incoming data, and copies it into small-capacity local stack variables, an excessively long malformed input will overwrite the function stack frame, causing the system's Web-side service to crash or potentially leading to arbitrary code execution. |
|---|
| ソース | ⚠️ https://github.com/glkfc/IoT-Vulnerability/blob/main/LB-LINK/LB-LINK_VirtualRules%20stack%20overflow_EN.md |
|---|
| ユーザー | jfkk (UID 79868) |
|---|
| 送信 | 2026年03月04日 08:36 (3 月 ago) |
|---|
| モデレーション | 2026年03月15日 19:41 (11 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 351149 [LB-LINK BL-WR9000 2.4.9 /goform/get_virtual_cfg sub_44E8D0 メモリ破損] |
|---|
| ポイント | 20 |
|---|