CVE Alert: CVE-2025-10773 – B-Link – BL-AC2100

CVE-2025-10773

HIGH | No exploitation known

A security flaw has been discovered in B-Link BL-AC2100 up to 1.0.3. The issue affects the function delshrpath of the file /goform/set_delshrpath_cfg in the Web Management Interface component. Manipulating the argument Type results in a stack-based buffer overflow. The attack can be performed remotely. An exploit has been released to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS v3.1: 8.8
Vendor: B-Link
Product: BL-AC2100
Versions: 1.0.0 | 1.0.1 | 1.0.2 | 1.0.3
CWE: CWE-121, Stack-based Buffer Overflow
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
Published: 2025-09-22T00:02:07.094Z
Updated: 2025-09-22T00:02:07.094Z

AI Summary Analysis

**Risk verdict**: High risk as the issue allows remote, network-based exploitation with a publicly released exploit; urgency is elevated.

**Why this matters**: A successful chain can yield remote code execution on the device, potentially taking full control of the Web Management Interface and compromising traffic handling, with impact to confidentiality, integrity and availability. If the router acts as a gateway, attackers could pivot to internal hosts or manipulate traffic, undermining network security and availability.

**Most likely attack path**: An attacker targets the Web Management Interface over the network and triggers the stack-based overflow through the Type argument of /goform/set_delshrpath_cfg. No user interaction is required, and the CVSS vector (PR:L) indicates that low privileges on the device are sufficient. Compromised devices could then be used to monitor or alter traffic or to pivot laterally within a local network.

**Who is most exposed**: Consumer and small-office deployments of the B-Link BL-AC2100 with remote or poorly restricted management access, especially where the Web Management Interface is exposed to LAN or Internet-facing traffic.

**Detection ideas**

  • Alerts for attempts to access /goform/set_delshrpath_cfg with anomalous Type values or overflow-like payloads.
  • Web management interface crashes, reboot loops, or memory exhaustion events.
  • Unusual spikes in CPU/memory on the device and unexpected configuration changes.
  • Correlation with public PoC activity or indicator strings (delshrpath, set_delshrpath_cfg) in logs.
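The first detection idea above, sketched as a request filter. This is an added example, not code from the advisory or the vendor; the length threshold, the checks chosen and the sample requests are assumptions to be tuned against what the legitimate management UI actually sends.

```python
from urllib.parse import urlsplit, parse_qs

TARGET_PATH = "/goform/set_delshrpath_cfg"  # endpoint named in the advisory
MAX_TYPE_LEN = 32  # assumption: the advisory does not state the buffer size


def inspect_request(url, body=""):
    """Return a list of findings for one HTTP request (empty list = nothing to flag)."""
    parts = urlsplit(url)
    if parts.path.rstrip("/") != TARGET_PATH:
        return []
    # Type may arrive in the query string or in a form-encoded body; merge both.
    params = parse_qs(parts.query, keep_blank_values=True)
    for key, values in parse_qs(body, keep_blank_values=True).items():
        params.setdefault(key, []).extend(values)
    type_values = params.get("Type", [])
    findings = []
    for value in type_values:
        if len(value) > MAX_TYPE_LEN:
            findings.append(f"Type length {len(value)} exceeds {MAX_TYPE_LEN}")
        if any(not (32 <= ord(ch) < 127) for ch in value):
            findings.append("Type contains non-printable or non-ASCII characters")
    if len(type_values) > 1:
        findings.append("Type supplied more than once")
    return findings


# Constructed sample requests as (URL, body) pairs; not taken from real traffic.
SAMPLES = [
    ("/goform/set_delshrpath_cfg", "Type=1"),
    ("/goform/set_delshrpath_cfg", "Type=" + "A" * 400),
    ("/goform/set_delshrpath_cfg?Type=%00%01abc", ""),
    ("/index.html?Type=" + "A" * 400, ""),
]


def scan(samples):
    """Return (index, findings) for every sample that produced a finding."""
    hits = []
    for index, (url, body) in enumerate(samples):
        findings = inspect_request(url, body)
        if findings:
            hits.append((index, findings))
    return hits


if __name__ == "__main__":
    for index, findings in scan(SAMPLES):
        print(SAMPLES[index][0][:50], "->", "; ".join(findings))
```

The same checks translate directly into a reverse-proxy or IDS rule placed in front of the management interface, where request bodies are visible.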

**Mitigation and prioritisation**

  • Apply vendor patch to latest firmware as soon as available; verify integrity before deployment.
  • If patching is not yet available, disable remote management or restrict it to trusted networks/VPN; implement strict ACLs.
  • Enforce strong admin credentials, enable multi-factor where possible, and review access roles.
  • Network segmentation: isolate management plane from untrusted segments; monitor management traffic for anomalies.
  • Change-management: test in a controlled environment, back up configurations, plan staged rollout.
  • If the CVE is listed in KEV or its EPSS score is ≥ 0.5, treat as priority 1.
