Vulnerabilities > Edimax > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-7616 | Command Injection vulnerability in Edimax Ic-5150W Firmware and Ic-6220Dc Firmware A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. | 9.8 |
| 2024-01-16 | CVE-2023-49351 | Out-of-bounds Write vulnerability in Edimax Br-6478Ac Firmware 1.23 A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware veraion v1.23 allows attackers to overwrite other values located on the stack due to an incorrect use of the strcpy() function. | 9.8 |
| 2023-05-15 | CVE-2023-31986 | Command Injection vulnerability in Edimax Br-6428Ns Firmware 1.10 A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations. | 9.8 |
| 2023-05-12 | CVE-2023-31983 | Command Injection vulnerability in Edimax Br-6428Ns Firmware 1.10 A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the mp function in /bin/webs without any limitations. | 9.8 |
| 2023-05-12 | CVE-2023-31985 | Command Injection vulnerability in Edimax Br-6428Ns Firmware 1.10 A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the formAccept function in /bin/webs without any limitations. | 9.8 |
| 2022-06-29 | CVE-2021-40597 | Use of Hard-coded Credentials vulnerability in Edimax Ic-3140W Firmware 3.11 The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password. | 10.0 |
| 2011-11-22 | CVE-2011-4502 | OS Command Injection vulnerability in multiple products The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to execute arbitrary commands via shell metacharacters. | 10.0 |
| 2011-11-22 | CVE-2011-4501 | Configuration vulnerability in multiple products The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability. | 10.0 |