{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T08:40:09.692","vulnerabilities":[{"cve":{"id":"CVE-2025-45984","sourceIdentifier":"cve@mitre.org","published":"2025-06-13T12:15:33.217","lastModified":"2025-07-10T12:15:37.927","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Blink routers BL-WR9000 V2.4.9, BL-AC1900 V1.0.2, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 V1.0.5, BL-LTE300 V1.2.3, BL-F1200_AT1 V1.0.0, BL-X26_AC8 V1.2.8, BLAC450M_AE4 V4.0.0 and BL-X26_DA3 V1.2.7 were discovered to contain a command injection vulnerability via the routepwd parameter in the sub_45B238 function."},{"lang":"es","value":"Se descubrió que los enrutadores Blink BL-WR9000 V2.4.9, BL-AC1900 V1.0.2, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 V1.0.5, BL-LTE300 V1.2.3, BL-F1200_AT1 V1.0.0, BL-X26_AC8 V1.2.8, BLAC450M_AE4 V4.0.0 y BL-X26_DA3 V1.2.7 contienen una vulnerabilidad de inyección de comandos a través del parámetro routepwd en la función sub_45B238."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:b-link:bl-wr9000_firmware:2.4.9:*:*:*:*:*:*:*","matchCriteriaId":"0D1A3280-9C15-4961-8C69-9ECE34528FDB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:b-link:bl-wr9000:-:*:*:*:*:*:*:*","matchCriteriaId":"2D5ADB0D-6D03-448A-A0F3-7C238A20AF46"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:b-link:bl-ac1900_firmware:1.0.2:*:*:*:*:*:*:*","matchCriteriaId":"BE554304-8F2B-40A1-98CB-DE641B4CCE61"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:b-link:bl-ac1900:-:*:*:*:*:*:*:*","matchCriteriaId":"2C5CA5E8-C497-475E-B0CE-6F54B6E9BFA8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:b-link:bl-ac2100_az3_firmware:1.0.4:*:*:*:*:*:*:*","matchCriteriaId":"05E31365-4655-4B8D-9B75-AE70292C12C3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:b-link:bl-ac2100_az3:-:*:*:*:*:*:*:*","matchCriteriaId":"3B134A86-F380-4BE4-9CEC-5CBAE046CF8B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:b-link:bl-x10_ac8_firmware:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"AAA6D548-72E1-435B-8EDB-50C1C258CE9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:b-link:bl-x10_ac8:-:*:*:*:*:*:*:*","matchCriteriaId":"B153FF75-DDAF-4B43-8D54-C8211C607C2C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:b-link:bl-lte300_firmware:1.2.3:*:*:*:*:*:*:*","matchCriteriaId":"8907D058-539D-44B8-BC30-EC137B4C6841"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:b-link:bl-lte300:-:*:*:*:*:*:*:*","matchCriteriaId":"4CD2D0EC-F71B-4CD6-8013-EDCDE49B6BC9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:b-link:bl-f1200_at1_firmware:1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"3DD8A5B3-0FF1-4512-9AEB-68A801956085"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:b-link:bl-f1200_at1:-:*:*:*:*:*:*:*","matchCriteriaId":"9391FA6B-40EF-4A53-9B38-3F5EA0611970"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:b-link:bl-x26_ac8_firmware:1.2.8:*:*:*:*:*:*:*","matchCriteriaId":"FCE90D05-D32B-4C52-917C-024FB4814751"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:b-link:bl-x26_ac8:-:*:*:*:*:*:*:*","matchCriteriaId":"A13AD09A-4BF0-49B9-AB05-439D34413C81"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:b-link:blac450m_ae4_firmware:4.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5422B990-7572-42A1-89C4-D8FEEEC066ED"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:b-link:blac450m_ae4:-:*:*:*:*:*:*:*","matchCriteriaId":"A469F008-B95F-480C-A677-43E6D448FEEB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:b-link:bl-x26_da3_firmware:1.2.7:*:*:*:*:*:*:*","matchCriteriaId":"D3D8F5C4-F1A2-4E88-A795-DEAC4E77B3C1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:b-link:bl-x26_da3:-:*:*:*:*:*:*:*","matchCriteriaId":"1C8F576A-7D13-4311-9FDD-9BFB4E5705D8"}]}]}],"references":[{"url":"https://github.com/glkfc/IoT-Vulnerability/blob/main/LB-LINK/LB-LINK_routepwd%20Indicates%20the%20unauthorized%20command%20injection/LB-LINK_routepwd%20command%20injection.md","source":"cve@mitre.org","tags":["Exploit"]}]}}]}