Primary

Context

Blink Routers Command Injection Vulnerability

Vulnerability

Multiple command injection vulnerabilities have been identified in various Blink router models, including the BL-WR9000, BL-AC2100_AZ3, BL-X10_AC8, BL-LTE300, BL-F1200_AT1, BL-X26_AC8, BL-AC450M_AE4, and BL-X26_DA3. These vulnerabilities arise from the 'cmd' parameter in the 'bs_SetCmd' function, allowing unauthorized command injection.

Impact

Exploitation of these vulnerabilities allows for unauthorized command injection on the affected routers.

Added: Jun 13, 2025, 12:21 PM

Updated: Jun 13, 2025, 12:21 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

8.4

remediation

0.0

relevance

0.2

threat

6.7

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

8.4

remediation

0.0

relevance

0.2

threat

6.7

urgency

2.9

incentive

5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Blink Routers Command Injection Vulnerability

Vulnerability

Impact

Affected Products

Blink BL-WR9000

Blink BL-AC2100_AZ3

Blink BL-X10_AC8

Blink BL-LTE300

Blink BL-F1200_AT1

Blink BL-X26_AC8

Blink BL-X26_DA3

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating