| Title | LB-LINK BL-WR9000 V2.4.9 over |
|---|
| Description | The BLINK WR9000 router has a stack overflow vulnerability. The vulnerability exists in the libshare-0.0.26.so shared library, which is called by the /bin/goahead file. Because the underlying process parsing network configuration strings (such as virtual rule information) fails to limit the length of externally formatted incoming data, and copies it into small-capacity local stack variables, an excessively long malformed input will overwrite the function stack frame, causing the system's Web-side service to crash or potentially leading to arbitrary code execution. |
|---|
| Source | ⚠️ https://github.com/glkfc/IoT-Vulnerability/blob/main/LB-LINK/LB-LINK_VirtualRules%20stack%20overflow_EN.md |
|---|
| User | jfkk (UID 79868) |
|---|
| Submission | 03/04/2026 08:36 (3 months ago) |
|---|
| Moderation | 03/15/2026 19:41 (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 351149 [LB-LINK BL-WR9000 2.4.9 /goform/get_virtual_cfg sub_44E8D0 stack-based overflow] |
|---|
| Points | 20 |
|---|