Vulnerabilities > Edimax

DATE CVE VULNERABILITY TITLE RISK
2024-08-12 CVE-2024-7616 Command Injection vulnerability in Edimax Ic-5150W Firmware and Ic-6220Dc Firmware
A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06.
network
low complexity
edimax CWE-77
critical
9.8
2024-01-16 CVE-2023-49351 Out-of-bounds Write vulnerability in Edimax Br-6478Ac Firmware 1.23
A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware veraion v1.23 allows attackers to overwrite other values located on the stack due to an incorrect use of the strcpy() function.
network
low complexity
edimax CWE-787
critical
9.8
2023-05-31 CVE-2023-33722 Command Injection vulnerability in Edimax Br-6288Acl Firmware 1.12
EDIMAX BR-6288ACL v1.12 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the pppUserName parameter.
network
low complexity
edimax CWE-77
8.8
2023-05-15 CVE-2023-31986 Command Injection vulnerability in Edimax Br-6428Ns Firmware 1.10
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations.
network
low complexity
edimax CWE-77
critical
9.8
2023-05-12 CVE-2023-31983 Command Injection vulnerability in Edimax Br-6428Ns Firmware 1.10
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the mp function in /bin/webs without any limitations.
network
low complexity
edimax CWE-77
critical
9.8
2023-05-12 CVE-2023-31985 Command Injection vulnerability in Edimax Br-6428Ns Firmware 1.10
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the formAccept function in /bin/webs without any limitations.
network
low complexity
edimax CWE-77
critical
9.8
2023-02-07 CVE-2022-45768 OS Command Injection vulnerability in Edimax Br-6428Ns Firmware 1.20
Command Injection vulnerability in Edimax Technology Co., Ltd.
network
low complexity
edimax CWE-78
8.8
2022-06-29 CVE-2021-40597 Use of Hard-coded Credentials vulnerability in Edimax Ic-3140W Firmware 3.11
The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password.
network
low complexity
edimax CWE-798
critical
9.8
2021-04-27 CVE-2021-30165 Unspecified vulnerability in Edimax Ic-3140W Firmware 3.11
The default administrator account & password of the EDIMAX wireless network camera is hard-coded.
network
high complexity
edimax
8.1
2020-12-01 CVE-2020-26762 Out-of-bounds Write vulnerability in Edimax Ic-3116W Firmware and Ic-3140W Firmware
A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafted GET-Request.
network
low complexity
edimax CWE-787
critical
9.8