CVE-2022-45768
HIGHEdimax BR-6428nS Firmware - OS Command Injection via formWlanMP Function
Title source: llmDescription
Command Injection vulnerability in Edimax Technology Co., Ltd. Wireless Router N300 Firmware BR428nS v3 allows attacker to execute arbitrary code via the formWlanMP function.
References (2)
Core 2
Core References
Exploit, Third Party Advisory
https://github.com/Erebua/CVE/blob/main/Edimax.md
Exploit, Third Party Advisory
https://www.lovesandy.cc/2022/11/20/EDIMAX%E6%BC%8F%E6%B4%9E/
Scores
CVSS v3
8.8
EPSS
0.2866
EPSS Percentile
97.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-78
Status
published
Products (1)
edimax/br-6428ns_firmware
1.20
Published
Feb 07, 2023
Tracked Since
Feb 18, 2026