CVE-2026-9441 | Edimax BR-6478AC 1.23 POST Request /goform/formiNICbasic rootAPmac command injection

May 24, 2026 Yanac

A vulnerability was found in Edimax BR-6478AC 1.23. It has been rated as critical. Affected by this issue is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. Performing a manipulation of the argument rootAPmac results in command injection.

This vulnerability is identified as CVE-2026-9441. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More