| शीर्षक | Edimax BR-6208AC V2_1.02 Command Injection |
|---|
| विवरण | A Command Injection Vulnerability has been discovered in the formRoute function in the BR-6208AC_V2_1.03 firmware. This vulnerability exists in the web-based configuration interface, allowing attackers to inject arbitrary system commands due to insufficient input validation and sanitization of user-supplied data (e.g., IP address, subnet mask, and gateway). The untrusted input is directly passed to system commands via functions like system(tmpBuf), enabling remote, unauthenticated attackers to execute malicious commands, potentially leading to remote code execution or privilege escalation. |
|---|
| स्रोत | ⚠️ https://tzh00203.notion.site/EDIMAX-BR-6208AC-V2_1-02-Command-Injection-Vulnerability-in-Web-formRoute-handler-2d3b5c52018a805983d3cf0780b28407?source=copy_link |
|---|
| उपयोगकर्ता | tian (UID 93438) |
|---|
| सबमिशन | 24/12/2025 03:01 AM (4 महीनों पहले) |
|---|
| संयम | 29/12/2025 10:34 AM (5 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 338647 [Edimax BR-6208AC 1.02/1.03 Web-based Configuration Interface /gogorm/formRoute strIp/strMask/strGateway अधिकार वृद्धि] |
|---|
| अंक | 17 |
|---|