← Back

Bl Ac3600 Firmware

bl-ac3600_firmware

Vendor: Lb Link • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-7565
1Lb Link
1Bl Ac3600 Firmware
Jul 17, 2025
Jul 14, 2025
5.5 MEDIUM· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function geteasycfg of the file /cgi-bin/lighttpd.cgi of the component Web Management Interface. The manipu...Show more
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC3600 up to 1.0.22. This affects the function geteasycfg of the file /cgi-bin/lighttpd.cgi of the component Web Management Interface. The manipulation of the argument Password leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-7564
1Lb Link
1Bl Ac3600 Firmware
Apr 29, 2026
Jul 14, 2025
7.1 HIGH· v4
7.8 HIGH· v3
6.8 MEDIUM· v2
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin...Show more
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.Show less