CNNVD-202512-607 Information

CNNVD ID

CNNVD-202512-607

Related CVE

CVE-2025-14092

• CNNVD Published: 2025-12-05

Description (Chinese)

Edimax BR-6478AC是中国讯舟（Edimax）公司的一款双频千兆路由器。 Edimax BR-6478AC V3 1.0.15版本存在操作系统命令注入漏洞，该漏洞源于对文件/boafrm/formDebugDiagnosticRun中参数host的错误操作，可能导致os命令注入。

Description (English)

Edimax BR-6478AC is a double-frequency gigabyte router of the China Station of Information. Edimax BR-6478AC V3 1.0.15 has an operational system command-injecting loophole, which results from an error in the handling of the argument host in file/boafrm/formDebugDiagnostic Run, which may lead to an Os command-injection.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

讯舟

Published

2025-12-05

Last Modified

2026-02-24

References

https://github.com/Kriswu1337/CVE/blob/main/EDIMAX/1/1.md https://vuldb.com/?ctiid.334482 https://vuldb.com/?id.334482 https://vuldb.com/?submit.696632 https://access.redhat.com/security/cve/cve-2025-14092