Edimax Br-6478Ac V2 vulnerabilities
5 known vulnerabilities affecting edimax/br-6478ac_v2.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2026-12806P2HIGHCVSS 8.8v1.232026-06-21
CVE-2026-12806 [HIGH] CWE-119 CVE-2026-12806: A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function for
A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. The manipulation of the argument selSSID leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and
nvd
CVE-2026-12810P3MEDIUMCVSS 6.3v1.232026-06-21
CVE-2026-12810 [MEDIUM] CWE-74 CVE-2026-12810: A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is t
A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. The exploit has been released to the public and may be us
nvd
CVE-2026-12807P3MEDIUMCVSS 6.3v1.232026-06-21
CVE-2026-12807 [MEDIUM] CWE-74 CVE-2026-12807: A vulnerability was found in Edimax BR-6478AC V2 1.23. This affects the function setWAN of the file
A vulnerability was found in Edimax BR-6478AC V2 1.23. This affects the function setWAN of the file /goform/setWAN of the component POST Request Handler. The manipulation of the argument pppUserName/pptpUserName/L2TPUserName results in command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used.
nvd
CVE-2026-12808P3MEDIUMCVSS 6.3v1.232026-06-21
CVE-2026-12808 [MEDIUM] CWE-74 CVE-2026-12808: A vulnerability was determined in Edimax BR-6478AC V2 1.23. This impacts the function stainfo of the
A vulnerability was determined in Edimax BR-6478AC V2 1.23. This impacts the function stainfo of the file /goform/stainfo of the component POST Request Handler. This manipulation of the argument interface causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contact
nvd
CVE-2026-12809P3MEDIUMCVSS 6.3v1.232026-06-21
CVE-2026-12809 [MEDIUM] CWE-74 CVE-2026-12809: A vulnerability was identified in Edimax BR-6478AC V2 1.23. Affected is the function wiz_5in1_redire
A vulnerability was identified in Edimax BR-6478AC V2 1.23. Affected is the function wiz_5in1_redirect of the file /goform/wiz_5in1_redirect of the component POST Request Handler. Such manipulation of the argument newpass leads to command injection. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor w
nvd