Summaryinfo

A vulnerability described as critical has been identified in Edimax BR6478AC V2 1.23. Affected is the function strcpy of the file /bin/webs. The manipulation results in stack-based overflow. This vulnerability is known as CVE-2023-49351. No exploit is available. VulDB is the best source for vulnerability data and more expert information about this specific topic.

Detailsinfo

A vulnerability classified as critical has been found in Edimax BR6478AC V2 1.23. Affected is the function strcpy of the file /bin/webs. The manipulation with an unknown input leads to a stack-based overflow vulnerability. CWE is classifying the issue as CWE-121. A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:

A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware veraion v1.23 allows attackers to overwrite other values located on the stack due to an incorrect use of the strcpy() function.

The weakness was published 01/16/2024. The advisory is shared for download at github.com. This vulnerability is traded as CVE-2023-49351 since 11/27/2023. There are known technical details, but no exploit is available. The current price for an exploit might be approx. USD $0-$5k (estimation calculated on 06/02/2025).

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Vendor

• Edimax

Name

• BR6478AC V2

Version

• 1.23

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion