| tiêu đề | Edimax BR-6208AC V2_1.02 Command Injection |
|---|
| Mô tả | A Command Injection Vulnerability has been discovered in the formRoute function in the BR-6208AC_V2_1.03 firmware. This vulnerability exists in the web-based configuration interface, allowing attackers to inject arbitrary system commands due to insufficient input validation and sanitization of user-supplied data (e.g., IP address, subnet mask, and gateway). The untrusted input is directly passed to system commands via functions like system(tmpBuf), enabling remote, unauthenticated attackers to execute malicious commands, potentially leading to remote code execution or privilege escalation. |
|---|
| Nguồn | ⚠️ https://tzh00203.notion.site/EDIMAX-BR-6208AC-V2_1-02-Command-Injection-Vulnerability-in-Web-formRoute-handler-2d3b5c52018a805983d3cf0780b28407?source=copy_link |
|---|
| Người dùng | tian (UID 93438) |
|---|
| Đệ trình | 24/12/2025 03:01 (cách đây 4 các tháng) |
|---|
| Kiểm duyệt | 29/12/2025 10:34 (5 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 338647 [Edimax BR-6208AC 1.02/1.03 Web-based Configuration Interface /gogorm/formRoute strIp/strMask/strGateway nâng cao đặc quyền] |
|---|
| điểm | 17 |
|---|