Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-q9cv-2fp1-b3by
SummaryA vulnerability, which was classified as critical, has been found in LB-LINK BL-AC3600 1.0.22. Affected by this issue is some unknown functionality of the file /etc/shadow. The manipulation with the input root:blinkadmin leads to hard-coded credentials. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Aliases
0
alias CVE-2025-7564
Fixed_packages
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-7564
reference_id
reference_type
scores
0
value 0.00083
scoring_system epss
scoring_elements 0.24293
published_at 2026-06-11T12:55:00Z
1
value 0.00083
scoring_system epss
scoring_elements 0.2448
published_at 2026-06-14T12:55:00Z
2
value 0.00083
scoring_system epss
scoring_elements 0.24497
published_at 2026-06-13T12:55:00Z
3
value 0.00083
scoring_system epss
scoring_elements 0.24487
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-7564
1
reference_url https://vuldb.com/?ctiid.316262
reference_id ?ctiid.316262
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
2
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
3
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-14T14:47:54Z/
url https://vuldb.com/?ctiid.316262
2
reference_url https://github.com/waiwai24/0101/blob/main/CVEs/Blink/Hardcoded_Credentials_in_BL-AC3600_Routers.md
reference_id Hardcoded_Credentials_in_BL-AC3600_Routers.md
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
2
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
3
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-14T14:47:54Z/
url https://github.com/waiwai24/0101/blob/main/CVEs/Blink/Hardcoded_Credentials_in_BL-AC3600_Routers.md
3
reference_url https://github.com/waiwai24/0101/blob/main/CVEs/Blink/Hardcoded_Credentials_in_BL-AC3600_Routers.md#poc
reference_id Hardcoded_Credentials_in_BL-AC3600_Routers.md#poc
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
2
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
3
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-14T14:47:54Z/
url https://github.com/waiwai24/0101/blob/main/CVEs/Blink/Hardcoded_Credentials_in_BL-AC3600_Routers.md#poc
4
reference_url https://vuldb.com/?id.316262
reference_id ?id.316262
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
2
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
3
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-14T14:47:54Z/
url https://vuldb.com/?id.316262
5
reference_url https://vuldb.com/?submit.605630
reference_id ?submit.605630
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
2
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
3
value 8.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-14T14:47:54Z/
url https://vuldb.com/?submit.605630
Weaknesses
0
cwe_id 259
name Use of Hard-coded Password
description The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
1
cwe_id 798
name Use of Hard-coded Credentials
description The product contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
Exploits
Severity_range_score6.8 - 8.5
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-q9cv-2fp1-b3by