CVE-2026-9378 | Edimax BR-6675nD 1.12 POST Request /goform/formHwSet command injection

SecurityVulns
Yanac

A vulnerability labeled as critical has been found in Edimax BR-6675nD 1.12. This affects the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument regDomain/ABandregDomain/nic0Addr/nic1Addr/wlanAddr/inicAddr results in command injection.

This vulnerability is known as CVE-2026-9378. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More