Br 6478Ac V2
Monthly
Command injection in the Edimax BR-6478AC V2 router (firmware 1.23) allows network-adjacent authenticated attackers to execute arbitrary OS commands via the `command` argument in POST requests to the `/goform/mp` endpoint. The vulnerability is rooted in insufficient input sanitization in the `mp` form handler, exposing the router's underlying OS to attacker-controlled commands. A public proof-of-concept exploit has been released and the vendor has not responded to disclosure, leaving no patch available - the device remains unmitigated at time of analysis.
Command injection in Edimax BR-6478AC V2 firmware 1.23 allows remote attackers with low-privilege credentials to execute arbitrary OS commands by embedding shell metacharacters in the `newpass` argument of POST requests to the `/goform/wiz_5in1_redirect` endpoint. A public proof-of-concept exploit exists and is referenced in the VulDB disclosure, making this straightforwardly reproducible. The vendor has not responded to coordinated disclosure, leaving no official patch available - a significant concern for a SOHO network gateway that sits at the perimeter of home and small-office networks.
Command injection in the Edimax BR-6478AC V2 router (firmware 1.23) allows authenticated remote attackers to execute arbitrary OS commands by manipulating the `interface` argument in POST requests to `/goform/stainfo`. No patch is available - Edimax did not respond to coordinated disclosure - and a public proof-of-concept exploit exists, making this a persistent, unmitigated risk on deployed devices. The vendor-reported CVSS 4.0 score of 2.1 appears to significantly understate actual impact, as unrestricted command injection on embedded router firmware typically enables full system control rather than merely low-severity limited access.
Command injection in Edimax BR-6478AC V2 firmware 1.23 allows remote attackers with low-privileged web interface access to execute arbitrary OS commands by injecting shell metacharacters into WAN credential parameters submitted via POST to /goform/setWAN. A public proof-of-concept exploit is documented and available, the vendor did not respond to coordinated disclosure, and no patch exists - leaving only compensating controls as mitigation. No public exploit identified at time of analysis in CISA KEV, but the combination of public PoC, zero vendor response, and SOHO device deployment patterns represents materially elevated real-world risk.
Stack/heap buffer overflow in the Edimax BR-6478AC V2 wireless router (firmware 1.23) lets an authenticated attacker corrupt memory by sending an oversized selSSID parameter to the formWlSiteSurvey handler under /goform/, enabling denial of service and potentially arbitrary code execution on the device. Publicly available exploit code exists, but no public exploit identified at time of analysis as actively used in attacks (not in CISA KEV); the vendor was notified and did not respond, leaving devices unpatched. CVSS 4.0 base score is 7.4 reflecting network reachability of the management interface combined with required low-privilege authentication.
Command injection in the Edimax BR-6478AC V2 router (firmware 1.23) allows network-adjacent authenticated attackers to execute arbitrary OS commands via the `command` argument in POST requests to the `/goform/mp` endpoint. The vulnerability is rooted in insufficient input sanitization in the `mp` form handler, exposing the router's underlying OS to attacker-controlled commands. A public proof-of-concept exploit has been released and the vendor has not responded to disclosure, leaving no patch available - the device remains unmitigated at time of analysis.
Command injection in Edimax BR-6478AC V2 firmware 1.23 allows remote attackers with low-privilege credentials to execute arbitrary OS commands by embedding shell metacharacters in the `newpass` argument of POST requests to the `/goform/wiz_5in1_redirect` endpoint. A public proof-of-concept exploit exists and is referenced in the VulDB disclosure, making this straightforwardly reproducible. The vendor has not responded to coordinated disclosure, leaving no official patch available - a significant concern for a SOHO network gateway that sits at the perimeter of home and small-office networks.
Command injection in the Edimax BR-6478AC V2 router (firmware 1.23) allows authenticated remote attackers to execute arbitrary OS commands by manipulating the `interface` argument in POST requests to `/goform/stainfo`. No patch is available - Edimax did not respond to coordinated disclosure - and a public proof-of-concept exploit exists, making this a persistent, unmitigated risk on deployed devices. The vendor-reported CVSS 4.0 score of 2.1 appears to significantly understate actual impact, as unrestricted command injection on embedded router firmware typically enables full system control rather than merely low-severity limited access.
Command injection in Edimax BR-6478AC V2 firmware 1.23 allows remote attackers with low-privileged web interface access to execute arbitrary OS commands by injecting shell metacharacters into WAN credential parameters submitted via POST to /goform/setWAN. A public proof-of-concept exploit is documented and available, the vendor did not respond to coordinated disclosure, and no patch exists - leaving only compensating controls as mitigation. No public exploit identified at time of analysis in CISA KEV, but the combination of public PoC, zero vendor response, and SOHO device deployment patterns represents materially elevated real-world risk.
Stack/heap buffer overflow in the Edimax BR-6478AC V2 wireless router (firmware 1.23) lets an authenticated attacker corrupt memory by sending an oversized selSSID parameter to the formWlSiteSurvey handler under /goform/, enabling denial of service and potentially arbitrary code execution on the device. Publicly available exploit code exists, but no public exploit identified at time of analysis as actively used in attacks (not in CISA KEV); the vendor was notified and did not respond, leaving devices unpatched. CVSS 4.0 base score is 7.4 reflecting network reachability of the management interface combined with required low-privilege authentication.