Shodan
Vulnerabilities
Vulnerable Software
Edimax:  Security Vulnerabilities
CVE-2025-22906
RE11S v1.11 was discovered to contain a command injection vulnerability via the L2TPUserName parameter at /goform/setWAN.
CVSS Score
9.8
EPSS Score
0.027
Published
2025-01-16
CVE-2025-22907
RE11S v1.11 was discovered to contain a stack overflow via the selSSID parameter in the formWlSiteSurvey function.
CVSS Score
9.8
EPSS Score
0.009
Published
2025-01-16
CVE-2025-22912
RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform/formAccept.
CVSS Score
9.8
EPSS Score
0.023
Published
2025-01-16
CVE-2025-22913
RE11S v1.11 was discovered to contain a stack overflow via the rootAPmac parameter in the formStaDrvSetup function.
CVSS Score
9.8
EPSS Score
0.007
Published
2025-01-16
CVE-2025-22916
RE11S v1.11 was discovered to contain a stack overflow via the pppUserName parameter in the formPPPoESetup function.
CVSS Score
9.8
EPSS Score
0.007
Published
2025-01-16
CVE-2024-7616
A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. It has been rated as critical. Affected by this issue is the function cgiFormString of the file ipcam_cgi. The manipulation of the argument host leads to command injection. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
5.1
EPSS Score
0.047
Published
2024-08-12
CVE-2023-49351
A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware veraion v1.23 allows attackers to overwrite other values located on the stack due to an incorrect use of the strcpy() function.
CVSS Score
9.8
EPSS Score
0.006
Published
2024-01-16
CVE-2023-33722
EDIMAX BR-6288ACL v1.12 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the pppUserName parameter.
CVSS Score
8.8
EPSS Score
0.017
Published
2023-05-31
CVE-2023-31986
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations.
CVSS Score
9.8
EPSS Score
0.082
Published
2023-05-15
CVE-2023-31983
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the mp function in /bin/webs without any limitations.
CVSS Score
9.8
EPSS Score
0.249
Published
2023-05-12


Products
Pricing
Contact Us

Shodan ® - All rights reserved