Password Policy Bypass in LB-LINK BL-W1210M v2.0 Router
CVE-2024-33373

Currently unrated

Key Information:

Vendor: LB-LINK
Status: BL-W1210M v2.0 Router
Vendor: CVE Published:; 14 June 2024

What is CVE-2024-33373?

A vulnerability in the LB-LINK BL-W1210M v2.0 router enables attackers to bypass established password complexity requirements, allowing for the setting of single-digit passwords for authentication. This significant flaw can lead to unauthorized access via brute-force attacks, potentially compromising the router's security and allowing malicious actors to manipulate network configurations or intercept sensitive data. Users of this router model are strongly advised to take immediate action to secure their devices.

References

https://redfoxsec.com/blog/security-advisory-multiple-vul...

https://github.com/ShravanSinghRathore/Security-Advisory-...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 14, 2024
Vulnerability Reserved
Apr 23, 2024