CVE-2025-45988 | Via BL-X26_DA3 bs_SetCmd cmd command injection (EUVD-2025-18261)

Inserito da Angelo Barbosa | Giu 13, 2025 | CVE

A vulnerability was found in Via BL-WR9000, BL-AC2100_AZ3, BL-X10_AC8, BL-LTE300, BL-F1200_AT1, BL-X26_AC8, BLAC450M_AE4 and BL-X26_DA3 and classified as critical. Affected by this issue is the function bs_SetCmd. The manipulation of the argument cmd leads to command injection.

This vulnerability is handled as CVE-2025-45988. The attack may be launched remotely. There is no exploit available.

CVE-2025-45988 | Via BL-X26_DA3 bs_SetCmd cmd command injection (EUVD-2025-18261)

Post correlati

CVE-2022-23179 | Contact Form & Lead Form Elementor Builder Plugin up to 1.6.x on WordPress cross site scripting

CVE-2024-11609 | AutomationDirect C-More EA9 Programming Software up to 6.78 File Parser stack-based overflow (icsa-24-340-01)

CVE-2025-1158 | ESAFENET CDG 5.6.3.154.205_20250114 addPolicyToSafetyGroup.jsp safetyGroupId sql injection

CVE-2024-27298 | parse-server up to 6.4.x/7.0.0-alpha.19 on Node.js PostgreSQL sql injection (GHSA-6927-3vr9-fxf2)