Show filters
21 Total Results
Displaying 1-10 of 21
Sort by:
Attacker Value
Unknown

CVE-2024-7616

Disclosure Date: August 12, 2024 (last updated August 14, 2024)
A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. It has been rated as critical. Affected by this issue is the function cgiFormString of the file ipcam_cgi. The manipulation of the argument host leads to command injection. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-49351

Disclosure Date: January 16, 2024 (last updated January 31, 2024)
A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware veraion v1.23 allows attackers to overwrite other values located on the stack due to an incorrect use of the strcpy() function.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-33722

Disclosure Date: May 31, 2023 (last updated October 08, 2023)
EDIMAX BR-6288ACL v1.12 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the pppUserName parameter.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-31986

Disclosure Date: May 15, 2023 (last updated October 08, 2023)
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-31983

Disclosure Date: May 12, 2023 (last updated October 08, 2023)
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the mp function in /bin/webs without any limitations.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-31985

Disclosure Date: May 12, 2023 (last updated October 08, 2023)
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the formAccept function in /bin/webs without any limitations.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-45768

Disclosure Date: February 07, 2023 (last updated October 08, 2023)
Command Injection vulnerability in Edimax Technology Co., Ltd. Wireless Router N300 Firmware BR428nS v3 allows attacker to execute arbitrary code via the formWlanMP function.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-40597

Disclosure Date: June 29, 2022 (last updated October 07, 2023)
The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-30165

Disclosure Date: April 27, 2021 (last updated November 28, 2024)
The default administrator account & password of the EDIMAX wireless network camera is hard-coded. Remote attackers can disassemble firmware to obtain the privileged permission and further control the devices.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-26762

Disclosure Date: December 01, 2020 (last updated February 22, 2025)
A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafted GET-Request. The overflow occurs in binary ipcam_cgi due to a missing type check in function doGetSysteminfo(). This has been fixed in version: IC-3116W v3.08.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  Next >