Br 6478Ac

10 CVEs product

CVE-2026-10166 LOW POC Monitor

Command injection in Edimax BR-6478AC firmware 1.23 allows a remotely authenticated attacker to execute arbitrary OS commands by manipulating the `rootAPmac` parameter in a POST request to the `/goform/formWlbasic` endpoint. The vulnerable function `formWlbasic` passes unsanitized input directly to a system-level command, a pattern common in consumer embedded router firmware. A public proof-of-concept exploit has been disclosed, lowering the technical bar for exploitation; no vendor-released patch has been identified at time of analysis.

Tags: Command Injection, Br 6478Ac | Sources: NVD, VulDB | CVSS 4.0: 2.1 | EPSS: 0.8%
CVE-2026-10165 HIGH POC This Week

Stack-based buffer overflow in the Edimax BR-6478AC 1.23 wireless router enables authenticated remote attackers to corrupt memory by sending a crafted pppUserName parameter to the /goform/formWanTcpipSetup endpoint. Publicly available exploit code exists (published via VulDB and a Notion writeup), elevating this from a theoretical issue to a practical threat, though no CISA KEV listing or active exploitation has been confirmed. The CVSS 4.0 score of 7.4 reflects high confidentiality, integrity, and availability impact on the device itself, with exploitation requiring only low-level authentication.

Tags: Buffer Overflow, Stack Overflow, Br 6478Ac | Sources: NVD, VulDB | CVSS 4.0: 7.4 | EPSS: 0.0%
CVE-2026-10164 HIGH POC This Week

Remote buffer overflow in the Edimax BR-6478AC 1.23 wireless router allows authenticated attackers to corrupt memory via the formUSBFolder POST handler by supplying oversized ShareName or SelectName arguments. Publicly available exploit code exists (hosted on a Notion page referenced by VulDB), and the CVSS 4.0 score of 7.4 reflects high confidentiality, integrity, and availability impact on the device with low privileges required. No CISA KEV listing, so this is best treated as a publicly weaponizable bug awaiting a vendor response.

Tags: Buffer Overflow, Br 6478Ac | Sources: NVD, VulDB | CVSS 4.0: 7.4 | EPSS: 0.0%
CVE-2026-10163 HIGH POC This Week

Buffer overflow in the Edimax BR-6478AC v1.23 wireless router allows authenticated remote attackers to corrupt memory by sending oversized UserName or Password values to the /goform/formUSBAccount endpoint. Publicly available exploit code exists for this issue, raising the practical risk despite the requirement for low-level credentials, though no active exploitation has been confirmed via CISA KEV.

Tags: Buffer Overflow, Br 6478Ac | Sources: NVD, VulDB | CVSS 4.0: 7.4 | EPSS: 0.0%
CVE-2026-10127 LOW POC Monitor

Authenticated command injection in Edimax BR-6478AC 1.23 firmware allows network-adjacent attackers with low-privilege credentials to execute arbitrary OS commands via the rootAPmac parameter in the formStaDrvSetup POST handler at /goform/formStaDrvSetup. The CVSS temporal vector confirms a public proof-of-concept (E:P) with reasonable confidence in the report (RC:R), while the remediation level remains undefined (RL:X), indicating no vendor patch has been publicly acknowledged. Active exploitation has not been confirmed in CISA KEV at time of analysis, but publicly available exploit code exists, elevating practical risk for deployed devices.

Tags: Command Injection, Br 6478Ac | Sources: NVD, VulDB | CVSS 4.0: 2.1 | EPSS: 0.8%
CVE-2026-10126 HIGH POC This Week

Buffer overflow in the Edimax BR-6478AC 1.23 router's web management interface allows remote attackers with low-level credentials to corrupt memory by sending an oversized selSSID parameter to the /goform/formQoS endpoint. Publicly available exploit code exists per VulDB, raising the practical risk beyond what the CVSS 4.0 base score of 7.4 alone conveys, though the issue is not listed in CISA KEV at time of analysis. The flaw threatens the confidentiality, integrity, and availability of affected SOHO routers and could lead to arbitrary code execution or device takeover.

Tags: Buffer Overflow, Br 6478Ac | Sources: NVD, VulDB | CVSS 4.0: 7.4 | EPSS: 0.0%
CVE-2026-9443 HIGH POC This Week

Remote buffer overflow in the Edimax BR-6478AC router (firmware 1.23) allows authenticated attackers to corrupt memory by submitting a crafted L2TPUserName parameter to the /goform/formL2TPSetup endpoint. Publicly available exploit code exists (VulDB-published POC on Notion), and SSVC rates technical impact as total despite a low 0.04% EPSS score. The vendor was contacted but has not responded, leaving the device without an official fix.

Tags: Buffer Overflow, Br 6478Ac | Sources: NVD, VulDB | CVSS 4.0: 7.4 | EPSS: 0.0%
CVE-2026-9442 HIGH POC This Week

Stack-based buffer overflow in the Edimax BR-6478AC 1.23 wireless router's web management interface allows authenticated remote attackers to corrupt memory by submitting an oversized selSSID parameter to /goform/formiNICSiteSurvey; publicly available exploit code exists, and the vendor did not respond to coordinated disclosure. The flaw affects the formiNICSiteSurvey POST request handler and yields high impact on confidentiality, integrity, and availability of the device. EPSS is low (0.04%, 13th percentile), indicating limited mass-scanning activity despite the published exploit.

Tags: Buffer Overflow, Br 6478Ac | Sources: NVD, VulDB | CVSS 4.0: 7.4 | EPSS: 0.0%
CVE-2026-9441 LOW POC Monitor

Command injection in Edimax BR-6478AC 1.23 exposes the router's web management interface to remote exploitation via a crafted POST request targeting the formiNICbasic endpoint. The rootAPmac parameter - likely used for wireless bridging MAC address configuration - is passed unsanitized to a system-level command, allowing an authenticated attacker with low privileges to inject arbitrary OS commands. A public proof-of-concept exploit has been released; the vendor was notified but did not respond, leaving the vulnerability unpatched. While not listed in CISA KEV, the EPSS score of 0.84% at the 75th percentile and confirmed POC availability represent a meaningful risk for exposed devices.

Tags: Command Injection, Br 6478Ac | Sources: NVD, VulDB | CVSS 4.0: 2.1 | EPSS: 0.8%
CVE-2026-9440 LOW POC Monitor

Command injection in the Edimax BR-6478AC 1.23 wireless router's formAccept POST handler allows an authenticated remote attacker to execute arbitrary OS commands by injecting shell metacharacters into the submit-url argument at /goform/formAccept. A public proof-of-concept exploit is documented via a Notion writeup, lowering the bar for exploitation; the vendor did not respond to responsible disclosure, leaving no patch available. Active exploitation is not confirmed by CISA KEV, but EPSS at 0.84% (75th percentile) signals above-average relative exploitation interest given the public POC.

Tags: Command Injection, Br 6478Ac | Sources: NVD, VulDB | CVSS 4.0: 2.1 | EPSS: 0.8%