Vulnerabilities > Edimax

DATE CVE VULNERABILITY TITLE RISK
2024-01-16 CVE-2023-49351 Out-of-bounds Write vulnerability in Edimax Br-6478Ac Firmware 1.23
A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware veraion v1.23 allows attackers to overwrite other values located on the stack due to an incorrect use of the strcpy() function.
network
low complexity
edimax CWE-787
critical
9.8
2023-05-31 CVE-2023-33722 Command Injection vulnerability in Edimax Br-6288Acl Firmware 1.12
EDIMAX BR-6288ACL v1.12 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the pppUserName parameter.
network
low complexity
edimax CWE-77
8.8
2023-05-15 CVE-2023-31986 Command Injection vulnerability in Edimax Br-6428Ns Firmware 1.10
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations.
network
low complexity
edimax CWE-77
critical
9.8
2023-05-12 CVE-2023-31983 Command Injection vulnerability in Edimax Br-6428Ns Firmware 1.10
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the mp function in /bin/webs without any limitations.
network
low complexity
edimax CWE-77
critical
9.8
2023-05-12 CVE-2023-31985 Command Injection vulnerability in Edimax Br-6428Ns Firmware 1.10
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the formAccept function in /bin/webs without any limitations.
network
low complexity
edimax CWE-77
critical
9.8
2023-02-07 CVE-2022-45768 OS Command Injection vulnerability in Edimax Br-6428Ns Firmware 1.20
Command Injection vulnerability in Edimax Technology Co., Ltd.
network
low complexity
edimax CWE-78
8.8
2022-06-29 CVE-2021-40597 Use of Hard-coded Credentials vulnerability in Edimax Ic-3140W Firmware 3.11
The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password.
network
low complexity
edimax CWE-798
critical
10.0
2021-04-27 CVE-2021-30165 Use of Hard-coded Credentials vulnerability in Edimax Ic-3140W Firmware 3.11
The default administrator account & password of the EDIMAX wireless network camera is hard-coded.
network
low complexity
edimax CWE-798
5.0
2020-12-01 CVE-2020-26762 Out-of-bounds Write vulnerability in Edimax Ic-3116W Firmware and Ic-3140W Firmware
A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafted GET-Request.
network
low complexity
edimax CWE-787
7.5
2019-08-27 CVE-2019-13270 Improper Input Validation vulnerability in Edimax Br-6208Ac V1 Firmware
Edimax BR-6208AC V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device.
low complexity
edimax CWE-20
5.8