VYPR

BR-6478AC

by Edimax

CVEs (24)

  • CVE-2025-28146CriApr 4, 2025
    risk 0.64cvss 9.8epss 0.09

    Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via fota_url in /boafrm/formLtefotaUpgradeQuectel

  • CVE-2026-10165HigMay 31, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was identified in Edimax BR-6478AC 1.23. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName leads to stack-based buffer overflow. The…

  • CVE-2026-10164HigMay 31, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was found in Edimax BR-6478AC 1.23. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. The manipulation of the argument ShareName/SelectName results in buffer overflow. The attack can be executed…

  • CVE-2026-10163HigMay 31, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability has been found in Edimax BR-6478AC 1.23. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. The manipulation of the argument UserName/Password leads to buffer overflow. Remote exploitation of…

  • CVE-2026-10126HigMay 30, 2026
    risk 0.57cvss 8.8epss 0.01

    A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the argument selSSID results in buffer overflow. The attack can be launched…

  • CVE-2026-10125HigMay 30, 2026
    risk 0.57cvss 8.8epss 0.00

    A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to stack-based buffer overflow. The…

  • CVE-2026-9443HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.01

    A security vulnerability has been detected in Edimax BR-6478AC 1.23. This vulnerability affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. The manipulation of the argument L2TPUserName leads to buffer overflow. The attack…

  • CVE-2026-9442HigMay 25, 2026
    risk 0.57cvss 8.8epss 0.01

    A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. Executing a manipulation of the argument selSSID can lead to buffer overflow. The attack can be…

  • CVE-2025-28145MedApr 15, 2025
    risk 0.43cvss 6.5epss 0.08

    Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via partition in /boafrm/formDiskFormat.

  • CVE-2025-28144MedApr 15, 2025
    risk 0.43cvss 6.5epss 0.04

    Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a stack overflow vlunerability via peerPin parameter in the formWsc function.

  • CVE-2025-28143MedApr 15, 2025
    risk 0.43cvss 6.5epss 0.08

    Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3_1.0.15 was discovered to contain a command injection vulnerability via the groupname at the /boafrm/formDiskCreateGroup.

  • CVE-2025-28142MedApr 15, 2025
    risk 0.43cvss 6.5epss 0.08

    Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3_1.0.15 was discovered to contain a command injection vulnerability via the foldername in /boafrm/formDiskCreateShare.

  • CVE-2026-10166MedMay 31, 2026
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was determined in Edimax BR-6478AC 1.23. The affected element is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack is possible to be…

  • CVE-2026-10127MedMay 30, 2026
    risk 0.41cvss 6.3epss 0.01

    A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack may be initiated…

  • CVE-2026-9441MedMay 25, 2026
    risk 0.41cvss 6.3epss 0.01

    A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. Performing a manipulation of the argument rootAPmac results in command injection. The…

  • CVE-2026-9440MedMay 25, 2026
    risk 0.41cvss 6.3epss 0.01

    A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formAccept of the file /goform/formAccept of the component POST Request Handler. Such manipulation of the argument submit-url leads to command injection. It is possible to…

  • CVE-2025-14094MedDec 5, 2025
    risk 0.31cvss 4.7epss 0.19

    A flaw has been found in Edimax BR-6478AC V3 1.0.15. The affected element is the function sub_44CCE4 of the file /boafrm/formSysCmd. This manipulation of the argument sysCmd causes os command injection. The attack may be initiated remotely. The exploit has been published and may…

  • CVE-2025-14093MedDec 5, 2025
    risk 0.31cvss 4.7epss 0.18

    A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub_416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os command injection. The attack can be launched remotely. The exploit is now public…

  • CVE-2025-14092MedDec 5, 2025
    risk 0.31cvss 4.7epss 0.15

    A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub_416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to os command injection. The attack can be initiated remotely. The exploit…

  • CVE-2026-12810Jun 21, 2026
    risk 0.00cvss epss 0.01

    A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be…

Page 1 of 2