CVE-2026-9400

A flaw has been found in Edimax BR-6675nD 1.12. This issue affects the function formUSBStorage of the file /goform/formUSBStorage of the component POST Request Handler. Executing a manipulation of the argument subdir can lead to command injection. It is possible to launch the attack remotely. The...

CVE-2026-9400

Edimax BR-6675nD (firmware 1.12) is affected by a command-injection in the POST Request Handler’s formUSBStorage function (/goform/formUSBStorage). By manipulating the sub_dir parameter, an attacker can execute arbitrary commands remotely. The CVE description consistently notes a remote attack po...

CVE-2026-9400 Edimax BR-6675nD POST Request formUSBStorage command injection

A flaw has been found in Edimax BR-6675nD 1.12. This issue affects the function formUSBStorage of the file /goform/formUSBStorage of the component POST Request Handler. Executing a manipulation of the argument subdir can lead to command injection. It is possible to launch the attack remotely. The...

Edimax BR-6675nD 命令注入漏洞

The Edimax BR-6675nD is a dual-band broadband wireless router produced by Edimax Corporation. Version 1.12 of the Edimax BR-6675nD contains a command injection vulnerability. This vulnerability stems from the formUSBStorage function in the POST Request Handler component, specifically the...

PT-2026-42971

Name of the Vulnerable Software and Affected Versions Edimax BR-6675nD version 1.12 Description A flaw in the POST Request Handler component allows for remote command injection. The issue exists within the formUSBStorage function located in the '/goform/formUSBStorage' endpoint. An attacker can...

Server side request forgery (ssrf)

Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the 1 subdir parameter in a formUSBStorage request; pinCode parameter in a 2 formWpsStart or 3 formiNICWpsStart request; 4 wpsenroleepin parameter in a...