Skip to main content

Edimax BR-6675nD EUVD-2026-31627

| CVE-2026-9423 LOW
Command Injection (CWE-77)
2026-05-25 VulDB GHSA-c57r-97q9-v59j
Command Injection Br 6675Nd
2.0
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.0 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

3
Analysis Generated
Jun 08, 2026 - 13:13 vuln.today
Severity Changed
May 26, 2026 - 19:37 NVD
MEDIUM LOW
CVSS changed
May 26, 2026 - 19:37 NVD
4.7 (MEDIUM) 2.0 (LOW)

DescriptionCVE.org

A security flaw has been discovered in Edimax BR-6675nD 1.12. Impacted is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Command injection in Edimax BR-6675nD firmware 1.12 enables remote attackers with administrative credentials to execute arbitrary OS commands via the command argument in POST requests to the /goform/mp endpoint. Although a public exploit exists (referenced via a Notion-hosted POC), exploitation is constrained by the requirement for high-privilege authentication (CVSS PR:H), keeping the CVSS 4.0 score at 2.0 and EPSS at 0.23%. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain or brute-force admin credentials
Delivery
Authenticate to /goform/mp web endpoint
Exploit
Inject OS command in POST command parameter
Execution
Firmware passes unsanitized input to shell interpreter
Impact
Execute arbitrary commands on router OS
Sign in to reveal

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to hold valid high-privileged (administrative-level) credentials for the Edimax BR-6675nD web management interface - confirmed by CVSS PR:H. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment Multiple signals converge on a low-to-moderate real-world risk rating. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained or brute-forced the administrative password for a network-accessible Edimax BR-6675nD management interface submits a crafted POST request to `/goform/mp` with a shell metacharacter-delimited OS command injected into the `command` parameter. The unpatched `mp` handler passes the unsanitized value directly to the system command interpreter, executing the attacker's payload with the web process's privilege level on the router. …
Remediation No vendor-released patch has been identified at time of analysis - the vendor was contacted prior to disclosure and did not respond, leaving no upstream fix available. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-31627 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy