CVE-2025-14093 | Edimax BR-6478AC V3 1.0.15 formTracerouteDiagnosticRun sub_416990 host os command injection

A vulnerability categorized as critical has been discovered in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub_416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os command injection.

This vulnerability is reported as CVE-2025-14093. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More