VYPR

BL-AC2100

by BL AC2100

CVEs (2)

  • CVE-2025-29063CriApr 2, 2025
    risk 0.64cvss 9.8epss 0.01

    An issue in BL-AC2100 V1.0.4 and before allows a remote attacker to execute arbitrary code via the enable parameter passed to /goform/set_hidessid_cfg is not handled properly.

  • CVE-2025-29062CriApr 2, 2025
    risk 0.64cvss 9.8epss 0.01

    An issue in BL-AC2100 <=V1.0.4 allows a remote attacker to execute arbitrary code via the time1 and time2 parameters in the set_LimitClient_cfg of the goahead webservice.