Skip to main content

Edimax BR-6675nD CVE-2026-9439

| EUVD-2026-31649 LOW
Command Injection (CWE-77)
2026-05-25 VulDB GHSA-7c5g-6hjv-j6hp
Command Injection Br 6675Nd
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
Jun 08, 2026 - 13:28 vuln.today
Severity Changed
May 26, 2026 - 19:37 NVD
MEDIUM LOW
CVSS changed
May 26, 2026 - 19:37 NVD
6.3 (MEDIUM) 2.1 (LOW)

DescriptionCVE.org

A vulnerability was determined in Edimax BR-6675nD 1.12. Affected is the function stainfo of the file /goform/stainfo. This manipulation of the argument interface causes command injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Command injection in the Edimax BR-6675nD 1.12 router's web management interface allows a low-privileged remote attacker to execute arbitrary OS commands by submitting a crafted value for the interface parameter to the /goform/stainfo endpoint. A public proof-of-concept exploit is available on Notion and documented via VulDB, lowering the bar for exploitation. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Acquire low-privilege router management credentials
Delivery
Access /goform/stainfo endpoint over network
Exploit
Inject shell metacharacters into interface parameter
Execution
Firmware passes unsanitized input to OS command interpreter
Impact
Execute arbitrary commands on router with web server process privileges
Sign in to reveal

Vulnerability AssessmentAI

Exploitation The CVSS 4.0 vector specifies PR:L (low privileges required), meaning the attacker must hold valid low-privilege credentials to the router's web management interface - unauthenticated exploitation is not supported by the available CVSS data. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base score of 2.1 is strikingly low for a command injection vulnerability and warrants scrutiny. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained low-privilege credentials to the Edimax BR-6675nD management interface - for example via default credentials, credential reuse, or credential theft - submits an HTTP request to `/goform/stainfo` with the `interface` parameter containing injected shell metacharacters and commands. The router firmware passes this value directly to an OS-level command interpreter without sanitization, executing the injected payload with the privileges of the web server process. …
Remediation No vendor-released patch has been identified at time of analysis; the vendor was notified prior to public disclosure but did not respond, and no fix version has been confirmed from any source. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-9439 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy