CVE-2025-28145

Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via partition in /boafrm/formDiskFormat.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:edimax:br-6478ac_v3_firmware:1.0.15:*:*:*:*:*:*:*
cpe:2.3:h:edimax:br-6478ac_v3:-:*:*:*:*:*:*:*

History

01 May 2025, 14:26

Type Values Removed Values Added
First Time Edimax
Edimax br-6478ac V3 Firmware
Edimax br-6478ac V3
Summary
  • (es) Se descubrió que Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 contiene una vulnerabilidad de inyección de comandos a través de la partición en /boafrm/formDiskFormat.
CPE cpe:2.3:o:edimax:br-6478ac_v3_firmware:1.0.15:*:*:*:*:*:*:*
cpe:2.3:h:edimax:br-6478ac_v3:-:*:*:*:*:*:*:*
References () https://gist.github.com/regainer27/cee49ede0f576447cc4b1bb078e7a981 - () https://gist.github.com/regainer27/cee49ede0f576447cc4b1bb078e7a981 - Exploit, Third Party Advisory
References () https://github.com/regainer27/edimax-br-6478ac_v3-br-6478ac_v3_1.0.15/tree/main/2 - () https://github.com/regainer27/edimax-br-6478ac_v3-br-6478ac_v3_1.0.15/tree/main/2 - Exploit, Third Party Advisory

15 Apr 2025, 21:15

Type Values Removed Values Added
CWE CWE-77
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5

15 Apr 2025, 15:16

Type Values Removed Values Added
New CVE

Information

Published : 2025-04-15 15:16

Updated : 2025-05-01 14:26


NVD link : CVE-2025-28145

Mitre link : CVE-2025-28145

CVE.ORG link : CVE-2025-28145


JSON object : View

Products Affected

edimax

  • br-6478ac_v3_firmware
  • br-6478ac_v3
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')