CVE-2026-4227 - Vulnerability Analysis
HighCVSS: 8.8Last Updated: March 16, 2026
LB-LINK BL-WR9000 - Buffer Overflow
Overview
LB-LINK BL-WR9000 2.4.9 contains a buffer overflow caused by manipulation in function sub_44D844 of /goform/get_hidessid_cfg, letting remote attackers cause memory corruption, exploit requires no special privileges.
Severity & Score
Impact
Remote attackers can cause memory corruption, potentially leading to remote code execution or system crash.
Mitigation
Update to the latest version provided by the vendor.
References
Social Media Activity(2 posts)
š CVE-2026-4227 - High (8.8) A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub_44D844 of the file /goform/get_hidessid_cfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely.... š https://www.thehackerwire.com/vulnerability/CVE-2026-4227/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postš CVE-2026-4227 - High (8.8) A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub_44D844 of the file /goform/get_hidessid_cfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely.... š https://www.thehackerwire.com/vulnerability/CVE-2026-4227/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-4227
- Severity
- High
- CVSS Score
- 8.8
- Type
- buffer_overflow
- Status
- unconfirmed
- EPSS
- 4.1%
- Social Posts
- 2
CWE
- CWE-119
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H