virus logo Intrusion Prevention

LB-LINK.goform.set_LimitClient_cfg.Command.Injection

description-logoDescription

This indicates an attack attempt to exploit an Unauthenticated Command Injection Vulnerability in LB-LINK.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted request. An unauthenticated remote attacker may be able to exploit this to execute arbitrary commands within the context of the application.

description-logoOutbreak Alert

FortiGuard Labs has observed various router vulnerabilities being exploited in the wild to distribute malware such as MooBot Malware, Lucifer Malware, BotenaGo Botnet, Zerobot Malware, Enemybot Malware.

View the full Outbreak Alert Report

affected-products-logoAffected Products

LB-LINK BL-AC1900_2.0 v1.0.1
LB-LINK BL-WR9000 v2.4.9
LB-LINK BL-X26 v1.2.5
LB-LINK BL-LTE300 v1.0.8

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Currently we are unaware of any vendor supplied patch or updates available for this issue.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Status Detail
2023-05-22 23.558
Modified
 Default_action:pass:drop
2023-05-09 23.549
New
ID 52884
Created Apr 24, 2023
Updated May 19, 2023
CVE ID
Tags Router Malware Attack
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Exploit Prediction Score 61.23%
Default Action drop
Active
Affected OS Linux
Affected App Other
Profile Type Code Injection