A vulnerability was detected in Edimax BR-6228NC 1.22
A command injection vulnerability has been found in the Edimax BR-6228NC router, version 1.22, allowing an attacker to execute arbitrary system commands. The vulnerability is located in the /goform/mp function of the POST Request Handler and can be exploited remotely.
A vulnerability was detected in Edimax BR-6228NC 1.22. Affected by this issue is the function mp of the file /goform/mp of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Users of the Edimax BR-6228NC router, version 1.22, are at risk of command injection attacks, which can lead to moderate severity consequences.
Monitor & Review
Low severity — keep this CVE on your radar and patch during routine maintenance.
What should I do?
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
0
Affected Products
4
References
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Exploitability
Impact