CVE-2025-45984
Published: 13 June 2025
Summary
CVE-2025-45984 is a critical-severity Command Injection (CWE-77) vulnerability in B-Link BL-WR9000 firmware. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 5.7% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Deeper analysis
CVE-2025-45984 is a command injection vulnerability (CWE-77) present in multiple LB-LINK/Blink router models, including BL-WR9000 V2.4.9, BL-AC1900 V1.0.2, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 V1.0.5, BL-LTE300 V1.2.3, BL-F1200_AT1 V1.0.0, BL-X26_AC8 V1.2.8, BLAC450M_AE4 V4.0.0, and BL-X26_DA3 V1.2.7. The flaw resides in the sub_45B238 function and is triggered through the routepwd parameter, allowing unauthenticated attackers to supply crafted input that is passed directly to a system command interpreter.
An attacker with network access can exploit the issue over HTTP without authentication or user interaction, achieving arbitrary command execution on the affected device. Successful exploitation grants full control of the router, enabling actions such as credential theft, traffic interception, persistence, or use of the device as an attack pivot. The vulnerability carries a CVSS 3.1 score of 9.8, reflecting its critical severity and ease of remote exploitation.
A public technical write-up and proof-of-concept are available on GitHub, but no vendor advisory or firmware patch addressing the flaw has been referenced in available sources. The associated EPSS score has remained steady at 0.1330 with no material increase observed since disclosure.
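With no vendor patch referenced, detection is the practical control. The script below is an added example (not code from the vendor, from the referenced write-up, or from this page) that scans HTTP access-log lines for requests whose routepwd parameter carries shell metacharacters. The only facts it takes from the advisory are the parameter name and that the request travels over HTTP; the combined log format, the /cgi/example_handler path and the sample lines are constructed assumptions.

```python
"""Log-based detection of routepwd command-injection attempts.

Added example; not code from the vendor or from the referenced write-up.
Facts taken from the advisory: the injectable parameter is `routepwd` and
the request travels over HTTP. Assumptions: the combined access-log
format, the `/cgi/example_handler` path (a placeholder), and the sample
lines below, which are constructed.
"""
import re
from urllib.parse import unquote_plus

PARAM = "routepwd"

# Metacharacters that let a value break out of its argument position and
# reach the shell as a separate command or substitution.
SHELL_META = re.compile(r"[;&|`<>\n\r\x00]|\$\(|\$\{")

# Combined log format: client ident user [time] "METHOD PATH PROTO" status size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+')


def parse_query(query: str) -> dict:
    """Split a query string by hand so ';' is treated as data, not a separator."""
    out = {}
    for pair in query.split("&"):
        if not pair:
            continue
        key, _, raw = pair.partition("=")
        # Decode twice so a double-encoded %253B still surfaces as ';'.
        value = unquote_plus(unquote_plus(raw))
        out.setdefault(unquote_plus(key), []).append(value)
    return out


def is_suspicious(value: str) -> bool:
    """True when the value contains characters that have meaning to a shell."""
    return SHELL_META.search(value) is not None


def scan_log(lines):
    """Return (client, time, decoded routepwd) for every suspicious request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, ts, _method, path, _status = m.groups()
        _, _, query = path.partition("?")
        for value in parse_query(query).get(PARAM, []):
            if is_suspicious(value):
                hits.append((client, ts, value))
    return hits


# Constructed sample lines: one benign value, one single-encoded injection,
# one double-encoded injection, one unrelated request.
SAMPLE_LOG = [
    '192.0.2.10 - - [13/Jun/2025:10:01:02 +0000] "POST /cgi/example_handler?routepwd=Summer2025 HTTP/1.1" 200 512',
    '198.51.100.7 - - [13/Jun/2025:10:02:45 +0000] "GET /cgi/example_handler?routepwd=a%3B+id HTTP/1.1" 200 512',
    '198.51.100.7 - - [13/Jun/2025:10:02:51 +0000] "GET /cgi/example_handler?routepwd=a%253Bid HTTP/1.1" 200 512',
    '192.0.2.10 - - [13/Jun/2025:10:03:10 +0000] "GET /index.html HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for client, ts, value in scan_log(SAMPLE_LOG):
        print(f"{ts} {client} routepwd={value!r}")
```

Treat a hit as a triage signal rather than a verdict: a legitimate password change from the LAN side can contain symbols, so correlate the source address with the management network and with any subsequent unexpected outbound connections from the router. The hand-rolled query parser is deliberate; older `urllib.parse.parse_qs` releases split on `;` as well as `&`, which would hide exactly the payloads this check looks for.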
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-18265
Vulnerability details
Blink routers BL-WR9000 V2.4.9, BL-AC1900 V1.0.2, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 V1.0.5, BL-LTE300 V1.2.3, BL-F1200_AT1 V1.0.0, BL-X26_AC8 V1.2.8, BLAC450M_AE4 V4.0.0 and BL-X26_DA3 V1.2.7 were discovered to contain a command injection vulnerability via the routepwd parameter in the sub_45B238 function.
- CWE(s): CWE-77 (Command Injection)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.