漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Edimax BR-6208AC Web-based Configuration formRoute command injection
Vulnerability Description
A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument strIp/strMask/strGateway results in command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Edimax confirms this issue: "The product mentioned, EDIMAX BR-6208AC V2, has reached its End of Life (EOL) status. It is no longer supported or maintained by Edimax, and it is no longer available for purchase in the market. Consequently, there will be no further firmware updates or patches for this device. We recommend users upgrade to newer models for better security." This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Edimax BR-6208AC 命令注入漏洞
Vulnerability Description
Edimax BR-6208AC是中国台湾讯舟(Edimax)公司的一款无线路由器。 Edimax BR-6208AC 1.02版本和1.03版本存在命令注入漏洞,该漏洞源于对组件Web-based Configuration Interface中文件/gogorm/formRoute参数strIp/strMask/strGateway的错误操作,可能导致命令注入。
CVSS Information
N/A
Vulnerability Type
N/A