CVE-2025-22906 Information

Description

RE11S v1.11 was discovered to contain a command injection vulnerability via the L2TPUserName parameter at /goform/setWAN.

Reference

http://re11s.com https://github.com/xyqer1/RE11S_1.11-setWAN-CommandInjection https://www.edimax.com/edimax/global/