Unrated severityNVD Advisory· Published Jan 9, 2026· Updated Jan 12, 2026
CVE-2025-70161
CVE-2025-70161
Description
EDIMAX BR-6208AC V2_1.02 is vulnerable to Command Injection. This arises because the pppUserName field is directly passed to a shell command via the system() function without proper sanitization. An attacker can exploit this by injecting malicious commands into the pppUserName field, allowing arbitrary code execution.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: = V2_1.02
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.