| Title | LB-LINK BL-X26 v1.2.8 Command Injection |
|---|
| Description | B-Link X26 router V1.2.8 version has a command execution vulnerability. Triggering this vulnerability requires authorization. After obtaining authorization, the attacker can trigger the vulnerability by sending a malicious HTTP POST request to achieve the purpose of command execution. |
|---|
| Source | ⚠️ https://github.com/lin-3-start/lin-cve/blob/main/B-Link%20X26%20V1.2.8-1/B-Link%20X26%20V1.2.8.md |
|---|
| User | QMSSDXN (UID 88719) |
|---|
| Submission | 08/16/2025 12:52 (10 months ago) |
|---|
| Moderation | 08/28/2025 14:15 (12 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 321692 [LB-LINK BL-X26 1.2.8 HTTP /goform/set_hidessid_cfg enable os command injection] |
|---|
| Points | 17 |
|---|