VYPR

BR-6428nS V3

by Edimax

CVEs (11)

  • CVE-2023-31983CriMay 12, 2023
    risk 0.66cvss 9.8epss 0.25

    A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the mp function in /bin/webs without any limitations.

  • CVE-2023-31986CriMay 15, 2023
    risk 0.64cvss 9.8epss 0.08

    A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations.

  • CVE-2023-31985CriMay 12, 2023
    risk 0.64cvss 9.8epss 0.08

    A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the formAccept function in /bin/webs without any limitations.

  • CVE-2026-9295HigMay 23, 2026
    risk 0.57cvss 8.8epss 0.01

    A security flaw has been discovered in Edimax BR-6428NS 1.10. This affects the function formWirelessTbl of the file /goform/formWirelessTbl of the component POST Request Handler. Performing a manipulation of the argument vapurl results in buffer overflow. The attack can be…

  • CVE-2026-9294HigMay 23, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was identified in Edimax BR-6428NS 1.10. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName leads to buffer overflow. It is possible to…

  • CVE-2026-8776HigMay 18, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability has been found in Edimax BR-6428NS 1.10. This vulnerability affects the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Request Handler. Such manipulation of the argument pptpUserName leads to buffer overflow. It is possible to…

  • CVE-2026-8775HigMay 18, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TPUserName causes buffer overflow. It is possible to initiate the attack remotely.…

  • CVE-2026-36734HigMay 11, 2026
    risk 0.57cvss 8.8epss 0.01

    EDIMAX BR-6428nS V3 1.15 is vulnerable to Command Injection. An authenticated attacker with access to the network can submit crafted input to the WLAN configuration functionality. Due to insufficient input validation, the attacker is able to execute arbitrary system commands on…

  • CVE-2026-9297MedMay 23, 2026
    risk 0.41cvss 6.3epss 0.01

    A security vulnerability has been detected in Edimax BR-6428NS 1.10. Affected is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. The manipulation of the argument repeaterSSID leads to command injection. The attack may be initiated…

  • CVE-2026-9296MedMay 23, 2026
    risk 0.41cvss 6.3epss 0.01

    A weakness has been identified in Edimax BR-6428NS 1.10. This impacts the function system of the file /goform/formWlanM of the component POST Request Handler. Executing a manipulation of the argument ateFunc/ateGain/ateTxCount/ateChan/ateRate/ateMacID/e2pTxPower1/e2pTxPower2/e2pT…

  • CVE-2026-8777MedMay 18, 2026
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was found in Edimax BR-6428NS 1.10. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. Performing a manipulation of the argument stadrv_ssid results in command injection. The attack can be…