EUVD-2026-12369CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4Tags
Description
A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub_44D844 of the file /goform/get_hidessid_cfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Analysis
Remote code execution in LB-LINK BL-WR9000 2.4.9 via buffer overflow in the /goform/get_hidessid_cfg endpoint allows authenticated attackers to achieve complete system compromise over the network. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify and inventory all LB-LINK BL-WR9000 devices running firmware 2.4.9 in production and test environments; restrict administrative access to these devices to essential personnel only. Within 7 days: Implement network segmentation to isolate affected routers from critical systems; disable the /goform/get_hidessid_cfg endpoint if possible through firmware configuration; deploy WAF rules to block malicious requests to this endpoint. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today