Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A vulnerability was found in Edimax BR-6428NS 1.10. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. Performing a manipulation of the argument stadrv_ssid results in command injection. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
Command injection in Edimax BR-6428NS firmware v1.10 allows authenticated remote attackers to execute arbitrary system commands via the stadrv_ssid parameter in POST requests to /goform/formStaDrvSetup. Public exploit code is available (documented in VulDB and researcher's Notion page), enabling low-complexity attacks against networks where attackers have obtained low-privilege credentials. The vendor received early disclosure but provided no response, leaving no official patch timeline.
Technical ContextAI
This vulnerability targets the Edimax BR-6428NS wireless router's web management interface, specifically the formStaDrvSetup function handling POST requests to the /goform/formStaDrvSetup endpoint. The flaw is a classic command injection (CWE-77) where insufficient input validation on the stadrv_ssid parameter allows an attacker to inject shell metacharacters and execute arbitrary operating system commands with the privileges of the web server process. The affected CPE (cpe:2.3:a:edimax:br-6428ns:*:*:*:*:*:*:*:*) indicates firmware version 1.10 is confirmed vulnerable. Command injection vulnerabilities in embedded device web interfaces are particularly dangerous because they typically execute with root or elevated privileges in the device's Linux-based firmware.
RemediationAI
No vendor-released patch identified at time of analysis - Edimax did not respond to vulnerability disclosure. Immediate compensating controls: (1) Disable remote management access to the web interface entirely, restricting administration to local network only via router firewall rules (trade-off: eliminates remote admin capability). (2) Change default administrative credentials immediately and enforce strong passwords (minimum 16 characters, randomized) to raise the authentication barrier, though this only reduces risk rather than eliminating it. (3) Implement network segmentation placing the BR-6428NS on an isolated management VLAN with strict ACLs limiting which hosts can reach the management interface (trade-off: requires managed switch infrastructure and VLAN-capable network design). (4) Monitor device logs for unexpected POST requests to /goform/ endpoints and failed authentication attempts. Long-term recommendation: Replace the Edimax BR-6428NS with an actively maintained router from a vendor with established security response processes, as vendor silence suggests this product may be end-of-life with no future security support. See VulDB references at https://vuldb.com/vuln/364402 and researcher disclosure at https://lavender-bicycle-a5a.notion.site/EDIMAX-BR-6428NS-formStaDrvSetup-34b53a41781f80ca940cc467cd15dfc2.
Stack buffer overflow in the Edimax BR-6428NS router (firmware 1.10) allows remote authenticated attackers to corrupt me
Stack buffer overflow in the Edimax BR-6428NS router firmware version 1.10 allows authenticated remote attackers to corr
Buffer overflow in the Edimax BR-6428NS 1.10 router's web management interface allows authenticated remote attackers to
Stack buffer overflow in the Edimax BR-6428NS 1.10 wireless router allows authenticated remote attackers to corrupt memo
Command injection in the Edimax BR-6428NS 1.10 wireless router's web management interface allows a remotely authenticate
Command injection in Edimax BR-6428NS firmware version 1.10 exposes the device's operating system to remote command exec
Same weakness CWE-77 – Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30719
GHSA-8vqm-j289-7f3g