| Título | LB-LINK BL-WR9000 V2.4.9 over |
|---|
| Descrição | The BLINK WR9000 router has a stack overflow vulnerability. The vulnerability exists in the libshare-0.0.26.so shared library, which is called by the /bin/goahead file. Because the underlying process parsing network configuration strings (such as virtual rule information) fails to limit the length of externally formatted incoming data, and copies it into small-capacity local stack variables, an excessively long malformed input will overwrite the function stack frame, causing the system's Web-side service to crash or potentially leading to arbitrary code execution. |
|---|
| Fonte | ⚠️ https://github.com/glkfc/IoT-Vulnerability/blob/main/LB-LINK/LB-LINK_VirtualRules%20stack%20overflow_EN.md |
|---|
| Utilizador | jfkk (UID 79868) |
|---|
| Submissão | 04/03/2026 08h36 (há 3 meses) |
|---|
| Moderação | 15/03/2026 19h41 (11 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 351149 [LB-LINK BL-WR9000 2.4.9 /goform/get_virtual_cfg sub_44E8D0 Excesso de tampão] |
|---|
| Pontos | 20 |
|---|