Medium severity6.3NVD Advisory· Published May 30, 2026· Updated Jun 1, 2026
CVE-2026-10127
CVE-2026-10127
Description
A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
Affected products
1Patches
Vulnerability mechanics
References
4News mentions
1- Edimax BR-6478AC: Seven Remote-Code-Execution Flaws Disclosed in 12-Hour BatchVypr Intelligence · May 31, 2026