Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A security vulnerability has been detected in Edimax BR-6428NS 1.10. Affected is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. The manipulation of the argument repeaterSSID leads to command injection. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
Command injection in the Edimax BR-6428NS 1.10 wireless router's web management interface allows a remotely authenticated attacker to execute arbitrary OS commands by manipulating the repeaterSSID parameter in a POST request to /goform/formWlbasic. A publicly available proof-of-concept exploit exists, raising the practical risk above what the moderate CVSS score of 6.3 alone suggests. The vendor was notified prior to disclosure but did not respond, meaning no vendor-supplied patch exists at time of analysis.
Technical ContextAI
The Edimax BR-6428NS is a consumer-grade wireless router exposing a CGI-based web management interface. The vulnerable component is the formWlbasic handler, a server-side function responsible for processing wireless basic configuration, including repeater (WISP/WDS) settings. The repeaterSSID argument - the SSID value for the repeater association - is passed directly into a system-level command without adequate sanitization, satisfying CWE-77 (Improper Neutralization of Special Elements used in a Command). This class of flaw occurs when user-supplied input containing shell metacharacters (e.g., semicolons, backticks, pipe operators) is interpolated into a shell command string executed by the device's operating system. The CPE string cpe:2.3:a:edimax:br-6428ns:*:*:*:*:*:*:*:* uses a wildcard version field, indicating NVD has not bounded the affected range beyond the confirmed 1.10 firmware.
RemediationAI
No vendor-released patch has been identified at time of analysis - the vendor did not respond to pre-disclosure contact, and no Edimax security advisory exists. As the primary compensating control, administrators should immediately disable remote (WAN-side) management access to the router's web interface if it is exposed to the internet, preventing unauthenticated network reachability to the vulnerable endpoint; note this does not protect against attacks from the LAN. LAN-side access can be restricted by binding management access to a dedicated VLAN or management network segment accessible only to trusted hosts, reducing the pool of potential authenticated attackers. Changing default credentials to a strong, unique password raises the authentication barrier and limits opportunistic exploitation, though this does not eliminate the vulnerability. Network-level filtering of POST requests to /goform/formWlbasic at a perimeter firewall or IPS can block exploitation attempts where inline inspection is available. Consider replacing the device with a supported model if no firmware update is released, as an unpatched command injection on a network edge device represents persistent long-term risk.
Stack buffer overflow in the Edimax BR-6428NS router (firmware 1.10) allows remote authenticated attackers to corrupt me
Stack buffer overflow in the Edimax BR-6428NS router firmware version 1.10 allows authenticated remote attackers to corr
Buffer overflow in the Edimax BR-6428NS 1.10 router's web management interface allows authenticated remote attackers to
Stack buffer overflow in the Edimax BR-6428NS 1.10 wireless router allows authenticated remote attackers to corrupt memo
Command injection in Edimax BR-6428NS firmware version 1.10 exposes the device's operating system to remote command exec
Command injection in Edimax BR-6428NS firmware v1.10 allows authenticated remote attackers to execute arbitrary system c
Same weakness CWE-77 – Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-31532
GHSA-gxpf-66ch-99jw