Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

LB-LINK BL-AC3600 Hard-Coded Credentials Vulnerability

Vulnerability

Exploited

A critical vulnerability exists in the LB-LINK BL-AC3600 router model, specifically in version 1.0.22. This vulnerability involves hard-coded credentials stored in the /etc/shadow file. The credentials can be accessed locally by manipulating the input to 'root:blinkadmin'. The issue has been publicly disclosed, and an exploit is available.

Impact

Exploitation of this vulnerability leads to the introduction of hard-coded credentials, which can be used for unauthorized access or actions on the device.

Reproduction

To reproduce this vulnerability, local access to the LB-LINK BL-AC3600 router running firmware version 1.0.22 is required. Once access is obtained, the /etc/shadow file can be manipulated with the input 'root:blinkadmin' to retrieve the hard-coded credentials.

Added: Jul 14, 2025, 3:27 AM

Updated: Jul 14, 2025, 3:27 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.0

remediation

0.0

relevance

0.3

threat

8.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.0

remediation

0.0

relevance

0.3

threat

8.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

LB-LINK BL-AC3600 Hard-Coded Credentials Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating