CVE-2025-45985
CRITICALDescription
Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL-F1200_AT1 v1.0.0, BL-X26_AC8 v1.2.8, BLAC450M_AE4 v4.0.0 and BL-X26_DA3 v1.2.7 were discovered to contain a command injection vulnerability via the bs_SetSSIDHide function.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| b-link | bl-wr9000_firmware |
| b-link | bl-wr9000 |
| b-link | bl-ac2100_az3_firmware |
| b-link | bl-ac2100_az3 |
| b-link | bl-x10_ac8_firmware |
| b-link | bl-x10_ac8 |
| b-link | bl-lte300_firmware |
| b-link | bl-lte300 |
| b-link | bl-f1200_at1_firmware |
| b-link | bl-f1200_at1 |
| b-link | bl-x26_ac8_firmware |
| b-link | bl-x26_ac8 |
| b-link | blac450m_ae4_firmware |
| b-link | blac450m_ae4 |
| b-link | bl-x26_da3_firmware |
| b-link | bl-x26_da3 |
References
Frequently Asked Questions
What is CVE-2025-45985? +
How severe is CVE-2025-45985? +
What products are affected by CVE-2025-45985? +
How do I check if I'm vulnerable to CVE-2025-45985? +
Related Vulnerabilities
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments …
launch-editor allows users to open files with line numbers in editor from Node.js. Prior to version 2.9.0, due to the …
Honeywell OneWireless Wireless Device Manager (WDM) for the following versions R310.x, R320.x, R321.x, R322.1, R322.2, R323.x, R330.1 contains a command …
Terraform WinDNS Provider allows users to manage their Windows DNS server resources through Terraform. A security issue has been found …
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application. This device exposes a web management …
A vulnerability in the web-based management interface of multiple Ligowave devices could allow an authenticated remote attacker to execute arbitrary …