Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/05/03 6:15 a.m.58 views

CVE-2026-7682 Edimax BR-6208AC L2TP Mode setWAN command injection

A security flaw has been discovered in Edimax BR-6208AC 1.02. The impacted element is the function setWAN of the file /goform/setWAN of the component L2TP Mode. The manipulation of the argument L2TPUserName results in command injection. It is possible to launch the attack remotely. The exploit ha...

6.5CVSS0.01158EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/02/06 1:2 a.m.6 views

CVE-2026-1972

A vulnerability was found in Edimax BR-6208AC 21.02. The affected element is the function authcheckuserpass2. Performing a manipulation of the argument Username/Password results in use of default credentials. The attack may be initiated remotely. The exploit has been made public and could be used...

6.9CVSS5.6AI score0.00598EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/06 1:2 a.m.5 views

CVE-2026-1972 Edimax BR-6208AC auth_check_userpass2 default credentials

A vulnerability was found in Edimax BR-6208AC 21.02. The affected element is the function authcheckuserpass2. Performing a manipulation of the argument Username/Password results in use of default credentials. The attack may be initiated remotely. The exploit has been made public and could be used...

6.9CVSS5.5AI score0.00598EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/02/06 12:0 a.m.7 views

PT-2026-6644

Name of the Vulnerable Software and Affected Versions Edimax BR-6208AC version 2 1.02 Description A flaw exists in the auth check userpass2 function that allows for the use of default credentials through manipulation of the Username/Password argument. This issue can be exploited remotely. The...

6.9CVSS5.3AI score0.00598EPSS
Exploits1References8
NVD
NVD
added 2026/01/09 5:15 p.m.11 views

CVE-2025-70161

EDIMAX BR-6208AC V21.02 is vulnerable to Command Injection. This arises because the pppUserName field is directly passed to a shell command via the system function without proper sanitization. An attacker can exploit this by injecting malicious commands into the pppUserName field, allowing...

9.8CVSS0.24101EPSS
Exploits1References1
OSV
OSV
added 2025/12/19 2:16 a.m.6 views

CVE-2025-14910

A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handleretr of the component FTP Daemon Service. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. Edimax confirms this issue: "This product is...

6.5CVSS5.5AI score0.00443EPSS
Exploits1References4
Rows per page
Query Builder