CVE-2025-10773 is a high-severity stack-based buffer overflow vulnerability affecting the B-Link BL-AC2100 wireless router models running firmware versions 1.0.0 through 1.0.3. The flaw resides in the Web Management Interface component, specifically within the delshrpath function of the /goform/set_delshrpath_cfg endpoint. An attacker can remotely manipulate the 'Type' argument passed to this function, causing a stack-based buffer overflow. This type of vulnerability can lead to arbitrary code execution, denial of service, or system compromise without requiring authentication or user interaction. The vulnerability is remotely exploitable over the network, increasing its risk profile. Although the vendor was notified early, no response or patch has been issued, and a public exploit has been released, making exploitation more feasible. The CVSS 4.0 base score of 8.7 reflects the high impact on confidentiality, integrity, and availability, combined with low attack complexity and no need for privileges or user interaction. The vulnerability affects the core management interface of the device, which is critical for administrative control, and exploitation could allow attackers to gain full control over the device, pivot into internal networks, or disrupt network services.

For European organizations, the impact of this vulnerability can be significant, especially for enterprises, ISPs, and critical infrastructure operators using the B-Link BL-AC2100 routers. Successful exploitation could lead to unauthorized access to internal networks, interception or manipulation of sensitive data, and disruption of network availability. This could affect confidentiality of communications, integrity of network configurations, and availability of network services. Given the device’s role as a network gateway, compromise could facilitate lateral movement within corporate or governmental networks, potentially leading to broader breaches. The lack of vendor response and public exploit availability increases the urgency for European organizations to address this risk promptly. Additionally, organizations subject to strict data protection regulations such as GDPR could face compliance issues and reputational damage if breaches occur due to this vulnerability.

Since no official patch is available, European organizations should implement immediate compensating controls. These include restricting access to the router’s web management interface by limiting it to trusted IP addresses or internal networks only, disabling remote management if not strictly necessary, and monitoring network traffic for unusual requests targeting /goform/set_delshrpath_cfg or anomalous usage patterns. Network segmentation should be enforced to isolate vulnerable devices from critical assets. Employing intrusion detection/prevention systems (IDS/IPS) with signatures or heuristics to detect exploitation attempts can help mitigate risk. Organizations should also consider replacing affected devices with models from vendors that provide timely security updates. Regular firmware audits and vulnerability scanning should be conducted to identify and remediate similar risks proactively. Finally, maintaining robust incident response plans will help contain and remediate any successful exploitation.