CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

102 matches found

CVE-2026-12809

Edimax BR-6478AC V2 firmware 1.23 is affected by a command injection in the POST Request Handler, specifically in wiz_5in1_redirect (/goform/wiz_5in1_redirect) where manipulation of the newpass argument enables remote code execution. Attack vector is network-based and requires no user interaction...

6.5CVSS6.5AI score

Exploits0References5

CVE•added yesterday•6 views

CVE-2026-12808

The CVE-2026-12808 entry concerns Edimax BR-6478AC V2 (firmware 1.23) with an issue in the POST Request Handler’s /goform/stainfo function, specifically the stainfo interface argument manipulation that enables command injection. The vulnerability is exploitable remotely, with public disclosure of...

6.5CVSS6.4AI score

Exploits0References5

EUVD•added yesterday•5 views

EUVD-2026-38193

A vulnerability was found in Edimax BR-6478AC V2 1.23. This affects the function setWAN of the file /goform/setWAN of the component POST Request Handler. The manipulation of the argument pppUserName/pptpUserName/L2TPUserName results in command injection. It is possible to launch the attack...

6.5CVSS6.4AI score

Exploits0References5

RedhatCVE•added 2026/06/02 4:3 a.m.•10 views

CVE-2026-10127

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack may be initiated remotely. The exploit has...

6.5CVSS6.5AI score0.01262EPSS

Exploits0References1

RedhatCVE•added 2026/06/02 4:2 a.m.•10 views

CVE-2026-10164

A vulnerability was found in Edimax BR-6478AC 1.23. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. The manipulation of the argument ShareName/SelectName results in buffer overflow. The attack can be executed remotely. The exploit ha...

9CVSS7.7AI score0.00463EPSS

Exploits0References1

RedhatCVE•added 2026/06/01 10:3 p.m.•10 views

CVE-2026-10166

A vulnerability was determined in Edimax BR-6478AC 1.23. The affected element is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack is possible to be carried out remotely...

6.5CVSS5.6AI score0.01072EPSS

Exploits0References1

RedhatCVE•added 2026/06/01 10:3 p.m.•9 views

CVE-2026-10125

A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack can be...

9CVSS6.4AI score0.00447EPSS

Exploits0References1

RedhatCVE•added 2026/06/01 4:3 p.m.•10 views

CVE-2026-10126

A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the argument selSSID results in buffer overflow. The attack can be launched remotely. The exploit has...

9CVSS6.2AI score0.00753EPSS

Exploits0References1

RedhatCVE•added 2026/06/01 4:3 p.m.•9 views

CVE-2026-10165

A vulnerability was identified in Edimax BR-6478AC 1.23. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack may be...

9CVSS6.3AI score0.00738EPSS

Exploits0References1

NVD•added 2026/05/31 4:16 a.m.•14 views

CVE-2026-10165

9CVSS0.00738EPSS

Exploits0References4

NVD•added 2026/05/31 4:16 a.m.•14 views

CVE-2026-10166

6.5CVSS0.01072EPSS

Exploits0References4

NVD•added 2026/05/31 4:16 a.m.•9 views

CVE-2026-10163

A vulnerability has been found in Edimax BR-6478AC 1.23. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. The manipulation of the argument UserName/Password leads to buffer overflow. Remote exploitation of the attack is...

9CVSS0.00463EPSS

Exploits0References4

Vulnrichment•added 2026/05/31 3:15 a.m.•7 views

CVE-2026-10166 Edimax BR-6478AC POST Request formWlbasic command injection

6.5CVSS5.6AI score0.01072EPSS

Exploits0References4

CVE•added 2026/05/31 3:15 a.m.•13 views

CVE-2026-10166

Edimax BR-6478AC (firmware 1.23) is affected by a vulnerability in the POST Request Handler, specifically the function formWlbasic in /goform/formWlbasic. The issue arises from manipulating the argument rootAPmac, enabling command injection. The vulnerability is exploitable remotely and has been ...

6.5CVSS6.4AI score0.01072EPSS

Exploits0References4