Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network POST endpoint, low-privilege auth required (PR:L); command injection on embedded router OS yields full system compromise, so C/I/A:H.
Primary rating from Vendor (VulDB).
CVSS VectorVendor: VulDB
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
Command injection in the Edimax BR-6478AC V2 router (firmware 1.23) allows network-adjacent authenticated attackers to execute arbitrary OS commands via the command argument in POST requests to the /goform/mp endpoint. The vulnerability is rooted in insufficient input sanitization in the mp form handler, exposing the router's underlying OS to attacker-controlled commands. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The attack requires sending a POST request to `/goform/mp` on the Edimax BR-6478AC V2 running firmware 1.23. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 base score of 2.1 is anomalously low for a network-accessible command injection flaw with a public PoC. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with low-privilege access to the Edimax BR-6478AC V2 web management interface - for example, a user on the same LAN segment with credentials to the router - sends a crafted POST request to `/goform/mp` with a manipulated `command` parameter containing shell metacharacters (e.g., semicolons, backticks, or pipe characters). The `mp` handler passes the unsanitized input to an OS-level command execution function, causing the injected command to run with the privileges of the web server process (typically root on embedded Linux routers). … |
| Remediation | No vendor-released patch identified at time of analysis - the vendor did not respond to the researcher's disclosure. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Br 6478Ac V2
View allStack/heap buffer overflow in the Edimax BR-6478AC V2 wireless router (firmware 1.23) lets an authenticated attacker cor
Command injection in Edimax BR-6478AC V2 firmware 1.23 allows remote attackers with low-privilege credentials to execute
Command injection in the Edimax BR-6478AC V2 router (firmware 1.23) allows authenticated remote attackers to execute arb
Command injection in Edimax BR-6478AC V2 firmware 1.23 allows remote attackers with low-privileged web interface access
Same weakness CWE-77 – Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-38196
GHSA-9g76-6r22-3642