Cyber Resilience

CVE-2025-29063

Critical · Public PoC · RCE

Published: 02 April 2025
Modified: 29 April 2025
KEV Added: not listed
Patch: none referenced
CVSS v3.1 Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0613 (91.0th percentile)
Risk Priority: 23 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-29063 is a critical-severity command injection (CWE-77) vulnerability in LB-LINK BL-AC2100 firmware. Its CVSS v3.1 base score is 9.8 (Critical).

Operationally, it ranks in the top 9.0% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

CVE-2025-29063 is a command-injection vulnerability (CWE-77) in the BL-AC2100 wireless router, affecting firmware version V1.0.4 and earlier. The flaw resides in the handling of the enable parameter supplied to the /goform/set_hidessid_cfg endpoint, where unsanitized input is passed to an underlying system command.

An unauthenticated attacker with network access can submit a malicious HTTP request to the endpoint and obtain arbitrary code execution on the device. Successful exploitation grants the attacker full control over the router, allowing modification of configuration, interception of traffic, or use of the device as a pivot point, consistent with the CVSS 9.8 rating that reflects no required authentication or user interaction.

The EPSS score rose from a low baseline to a recorded peak of 0.0999 (current value 0.0613), indicating measurable post-disclosure exploitation interest. The supplied references contain additional technical detail but do not describe vendor patches or official mitigation steps.
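As an added illustration of the CWE-77 pattern described above, the following is hypothetical C code written for this page, not the vendor's firmware. The comment sketches the vulnerable shape (raw request parameter interpolated into a string handed to system()), and the functions below it show the hardened counterpart: the enable parameter is allowlisted to exactly "0" or "1", and the helper is invoked with a fixed argument vector so that no shell ever parses request data. The helper path /sbin/hidessid_cfg and its --hidden flag are assumed names; the sample request values are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper binary name (an assumption, not taken from the advisory). */
#define HIDESSID_BIN "/sbin/hidessid_cfg"

/*
 * The CWE-77 pattern the advisory describes, sketched for contrast only:
 *
 *     char cmd[128];
 *     snprintf(cmd, sizeof cmd, "%s %s", HIDESSID_BIN, enable);  // raw request value
 *     system(cmd);                                               // /bin/sh parses it
 *
 * Because system() runs the string through /bin/sh, any shell metacharacter
 * in 'enable' changes which commands run. The hardened path below fixes both
 * halves of the problem: the value is validated against a strict allowlist,
 * and the helper receives a fixed argument vector (as for execv()) so the
 * shell is never involved.
 */

/* The parameter is a boolean; accept exactly "0" or "1" and nothing else.
 * Returns 1 when valid, 0 otherwise (NULL, empty, or any extra character). */
int validate_enable(const char *enable)
{
    if (enable == NULL)
        return 0;
    return strcmp(enable, "0") == 0 || strcmp(enable, "1") == 0;
}

/* Fills argv[0..2] for an execv() call. Only compile-time string constants
 * are placed in argv; the request value selects between them but is never
 * copied in. Returns 0 on success, -1 when the input is rejected. */
int build_hidessid_argv(const char *enable, const char *argv[3])
{
    if (!validate_enable(enable))
        return -1;
    argv[0] = HIDESSID_BIN;
    argv[1] = (enable[0] == '1') ? "--hidden=1" : "--hidden=0";
    argv[2] = NULL;
    return 0;
}

/* Stand-alone demonstration over constructed request values. */
int main(void)
{
    /* Constructed sample inputs: two valid, two carrying shell metacharacters. */
    const char *samples[] = { "1", "0", "1;foo", "0|x" };
    const char *argv[3];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (build_hidessid_argv(samples[i], argv) == 0)
            printf("enable=%-6s -> exec %s %s\n", samples[i], argv[0], argv[1]);
        else
            printf("enable=%-6s -> rejected (not a boolean)\n", samples[i]);
    }
    return 0;
}
```

The design point is that validation alone is not the whole fix: even a validated value should not be re-embedded in a command string, because a later change to the allowlist would silently reopen the injection. Selecting between constant arguments keeps request data out of the command entirely.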

Vulnerability details

An issue in BL-AC2100 V1.0.4 and before allows a remote attacker to execute arbitrary code because the enable parameter passed to /goform/set_hidessid_cfg is not handled properly.

CWE(s): CWE-77 (Command Injection)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: lb-link
Product: bl-ac2100 firmware
Versions: ≤ 1.0.4

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.
