Access Control Flaw in LB-LINK Router by LB-Link
CVE-2024-33374

Currently unrated

Key Information:

Vendor: LB-Link
Status: BL-W1210M v2.0 Router
Vendor: CVE Published:; 14 June 2024

What is CVE-2024-33374?

The LB-LINK BL-W1210M v2.0 router is affected by an improper access control vulnerability in its UART/Serial interface. This flaw enables potential attackers to gain unauthorized access to the root terminal without requiring authentication. By exploiting this vulnerability, an intruder could manipulate the router's settings or access sensitive data, potentially leading to further security breaches. Users of this router model should take immediate actions to secure their devices.

References

https://redfoxsec.com/blog/security-advisory-multiple-vul...

https://github.com/ShravanSinghRathore/Security-Advisory-...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 14, 2024
Vulnerability Reserved
Apr 23, 2024