Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-48418

In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does not properly handle special characters in any of user provided parameters, allowing an attacker with access to the web interface to inject and execute arbitrary shell commands.

Published

2025-01-27T17:15:15.960

Last Modified

2025-05-28T17:53:57.297

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Secondary
CWE-352

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	edimax	br-6476ac_firmware	1.06	Yes
Hardware	edimax	br-6476ac	-	No

References

http://edimax.com Product ([email protected])
https://github.com/SpikeReply/advisories/blob/c271ddb997bc0263274118acc380bc71ce9c316b/cve/edimax/cve-2024-48418.md Exploit, Third Party Advisory ([email protected])