Br 6428Nc
Monthly
Buffer overflow in Edimax BR-6428nC router firmware (version 1.16 and earlier) allows authenticated remote attackers to execute arbitrary code via crafted pptpDfGateway parameter in the /goform/setWAN endpoint. A public proof-of-concept exploit exists demonstrating stack overflow exploitation. EPSS data not available, but the combination of remote attack vector, low complexity, and published exploit code indicates elevated real-world risk for exposed devices with default credentials.
Command injection in Edimax BR-6428nC router web interface through the /goform/setWAN endpoint allows authenticated remote attackers to execute arbitrary system commands via unsanitized pppUserName or pptpUserName parameters. Affected firmware versions up to 1.16 contain this vulnerability; publicly available exploit code exists. The vendor was contacted but did not respond, indicating no security fix is anticipated.
Buffer overflow in Edimax BR-6428nC router firmware (version 1.16 and earlier) allows authenticated remote attackers to execute arbitrary code via crafted pptpDfGateway parameter in the /goform/setWAN endpoint. A public proof-of-concept exploit exists demonstrating stack overflow exploitation. EPSS data not available, but the combination of remote attack vector, low complexity, and published exploit code indicates elevated real-world risk for exposed devices with default credentials.
Command injection in Edimax BR-6428nC router web interface through the /goform/setWAN endpoint allows authenticated remote attackers to execute arbitrary system commands via unsanitized pppUserName or pptpUserName parameters. Affected firmware versions up to 1.16 contain this vulnerability; publicly available exploit code exists. The vendor was contacted but did not respond, indicating no security fix is anticipated.