Cyber Resilience

CVE-2025-29062

Critical · Public PoC · RCE

Published: 02 April 2025

Modified: 29 April 2025
KEV Added: not listed
Patch: none referenced
CVSS v3.1 score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS score: 0.0771 (92.1st percentile)
Risk priority: 24 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-29062 is a critical-severity command injection (CWE-77) vulnerability in LB-LINK BL-AC2100 firmware. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 7.9% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

CVE-2025-29062 is a command-injection vulnerability (CWE-77) affecting the BL-AC2100 router firmware at version V1.0.4 and earlier. Unauthenticated remote attackers can supply crafted values to the time1 and time2 parameters of the set_LimitClient_cfg function exposed by the embedded goahead web service, resulting in arbitrary code execution on the device.

Because the flaw is reachable over the network without credentials or user interaction, an attacker who can reach the web interface can obtain full control of the router, including the ability to read or modify any data and to use the device as a foothold for further attacks. The vulnerability carries a CVSS 3.1 base score of 9.8.

Public references consist of technical write-ups hosted on yuque.com that describe the injection vector; no vendor advisory or firmware patch addressing the issue is referenced in the available sources. The EPSS score rose after disclosure to a peak of 0.1435 on 2026-05-13 before receding to the current 0.0771, indicating a measurable increase in exploitation interest following publication.

EU & UK References

Vulnerability details

An issue in BL-AC2100 <= V1.0.4 allows a remote attacker to execute arbitrary code via the time1 and time2 parameters of set_LimitClient_cfg in the goahead web service.

CWE(s)

CWE-77: Command Injection

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: lb-link
Product: bl-ac2100 firmware
Versions: ≤ 1.0.4

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References