CVE-2025-7572
BaseFortify
Publication date: 2025-07-14
Last updated on: 2025-07-15
Assigner: VulDB
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| lb-link | bl-ac2100_az3 | * |
| lb-link | bl-ac3600 | * |
| lb-link | bl-wr9000 | * |
| lb-link | bl-ax5400p | * |
| lb-link | bl-ac1900 | * |
| lb-link | bl-ax1800 | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7572 is a critical information disclosure vulnerability in multiple LB-LINK router models. It exists in the bs_GetHostInfo function within the libblinkapi.so library of the /cgi-bin/lighttpd.cgi file. Remote attackers can manipulate inputs to this function without authentication, causing unauthorized disclosure of sensitive information. A public proof-of-concept exploit is available, making it easily exploitable. [1]
How can this vulnerability impact me?
This vulnerability can lead to unauthorized disclosure of sensitive information from affected LB-LINK routers. Since exploitation requires no authentication and can be done remotely, attackers can access confidential data, potentially compromising network security and privacy. The impact is primarily on confidentiality. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for requests to the /cgi-bin/lighttpd.cgi endpoint, specifically those targeting the bs_GetHostInfo function in the libblinkapi.so library. Network detection can involve inspecting HTTP requests for unusual or unauthorized access patterns to this CGI script. Since a public proof-of-concept exploit is available, you can use tools like curl or wget to test whether the device responds with sensitive information when this endpoint is queried. For example, a command like `curl "http://<router-ip>/cgi-bin/lighttpd.cgi?function=bs_GetHostInfo"` might reveal whether the device is vulnerable. Additionally, network intrusion detection systems (NIDS) can be configured to alert on such requests. [1]
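The log review described above, as an added example that is not part of the original page: it flags requests to /cgi-bin/lighttpd.cgi that come from outside a trusted management subnet and ranks the ones that were answered. The combined-log input (from a proxy or HTTP sensor in front of the router), the 192.168.16.0/24 subnet, the `function=` query shape (taken from the page's tentative curl example) and the helper names `triage` and `is_trusted` are assumptions.

```python
import ipaddress
import re
from urllib.parse import unquote

# Assumptions (not from the advisory): the management subnet and the log format.
TRUSTED_NETS = [ipaddress.ip_network("192.168.16.0/24")]
CGI_PATH = "/cgi-bin/lighttpd.cgi"   # endpoint named in the advisory
FUNC_NAME = "bs_GetHostInfo"         # function named in the advisory

LOG_RE = re.compile(r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] '
                    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '192.168.16.5 - - [15/Jul/2025:09:12:01 +0000] "GET /cgi-bin/lighttpd.cgi HTTP/1.1" 200 512',
    '203.0.113.7 - - [15/Jul/2025:09:14:40 +0000] "GET /cgi-bin/lighttpd.cgi?function=bs_GetHostInfo HTTP/1.1" 200 1843',
    '198.51.100.23 - - [15/Jul/2025:09:15:02 +0000] "POST /cgi-bin//lighttpd.cgi HTTP/1.1" 403 0',
    '203.0.113.7 - - [15/Jul/2025:09:15:09 +0000] "GET /index.html HTTP/1.1" 200 900',
    '203.0.113.9 - - [15/Jul/2025:09:16:30 +0000] "GET /cgi-bin/lighttpd.cgi?function=%62s_GetHostInfo HTTP/1.1" 200 1843',
]

def is_trusted(src):
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False              # unparsable client field: treat as untrusted
    return any(addr in net for net in TRUSTED_NETS)

def triage(lines):
    """Flag requests to the CGI endpoint from sources outside TRUSTED_NETS."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or is_trusted(m["src"]):
            continue
        raw_path = m["target"].split("?", 1)[0]
        # Decode and collapse repeated slashes so trivial variants still match.
        path = re.sub(r"/+", "/", unquote(raw_path))
        if path != CGI_PATH:
            continue
        findings.append({
            "src": m["src"],
            # Only visible for query strings; a POST body is not in access logs.
            "names_function": FUNC_NAME in unquote(m["target"]),
            "answered": m["status"] == "200",
        })
    # Requests that got a 200 and named the function come first.
    findings.sort(key=lambda f: (not f["answered"], not f["names_function"]))
    return findings
```

A finding with `answered` set means the device returned a 200 to an untrusted source, so that entry is the one to follow up with the firewall and isolation steps in the mitigation answer.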
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying restrictive firewall rules to limit external access to the affected devices, especially blocking access to the /cgi-bin/lighttpd.cgi endpoint from untrusted networks. Since the vendor has not provided a patch, network-level controls are critical. Isolate affected devices from the internet or untrusted networks if possible. Monitor network traffic for exploitation attempts and consider disabling remote management features temporarily until a fix is available. [1]