6 matches found
CVE-2026-7682 Edimax BR-6208AC L2TP Mode setWAN command injection
A security flaw has been discovered in Edimax BR-6208AC 1.02. The impacted element is the function setWAN of the file /goform/setWAN of the component L2TP Mode. The manipulation of the argument L2TPUserName results in command injection. It is possible to launch the attack remotely. The exploit ha...
CVE-2026-1972
A vulnerability was found in Edimax BR-6208AC 21.02. The affected element is the function authcheckuserpass2. Performing a manipulation of the argument Username/Password results in use of default credentials. The attack may be initiated remotely. The exploit has been made public and could be used...
CVE-2026-1972 Edimax BR-6208AC auth_check_userpass2 default credentials
A vulnerability was found in Edimax BR-6208AC 21.02. The affected element is the function authcheckuserpass2. Performing a manipulation of the argument Username/Password results in use of default credentials. The attack may be initiated remotely. The exploit has been made public and could be used...
PT-2026-6644
Name of the Vulnerable Software and Affected Versions Edimax BR-6208AC version 2 1.02 Description A flaw exists in the auth check userpass2 function that allows for the use of default credentials through manipulation of the Username/Password argument. This issue can be exploited remotely. The...
CVE-2025-70161
EDIMAX BR-6208AC V21.02 is vulnerable to Command Injection. This arises because the pppUserName field is directly passed to a shell command via the system function without proper sanitization. An attacker can exploit this by injecting malicious commands into the pppUserName field, allowing...
CVE-2025-14910
A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handleretr of the component FTP Daemon Service. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. Edimax confirms this issue: "This product is...