Description
A security flaw has been discovered in Edimax BR-6675nD 1.12. This affects the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument regDomain/ABandregDomain/nic0Addr/nic1Addr/wlanAddr/inicAddr results in command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-05-24
Score: 5.3 Medium
EPSS: 1.1% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The formHwSet endpoint in Edimax BR‑6675nD firmware 1.12 accepts POST parameters such as regDomain, ABandregDomain, nic0Addr, nic1Addr, wlanAddr, and inicAddr. An attacker can manipulate these arguments to inject shell commands that are executed on the device, enabling arbitrary command execution on the router.

Affected Systems

Only devices running firmware version 1.12 of the BR‑6675nD router are documented as affected; no information is provided about other firmware revisions.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity. The EPSS score is 1% and the vulnerability is not listed in the CISA KEV catalog, yet a public exploit has been released. An attacker can trigger the injection remotely by sending POST requests to /goform/formHwSet from any host that can reach the router’s management interface. Successful exploitation would allow the attacker to run arbitrary shell commands on the router.

Generated by OpenCVE AI on May 24, 2026 at 14:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the router to a firmware revision that resolves the formHwSet command injection flaw.
  • If no firmware update is available, isolate the router’s management interface by configuring firewall rules to allow connections only from trusted internal networks.
  • Actively monitor logs for unusual POST requests to /goform/formHwSet and investigate any anomalies promptly.
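One way to implement the log-monitoring action above, as an added example that is not OpenCVE's or the vendor's code. It assumes a proxy or network sensor that writes one JSON record per request with the hypothetical fields src, method, url and body, and it assumes legitimate values for the six parameters are short alphanumeric or MAC-style tokens.

```python
import json
import re
from urllib.parse import parse_qs, urlsplit

TARGET_PATH = "/goform/formHwSet"
# Parameters named in the advisory as injection points.
WATCHED = {"regDomain", "ABandregDomain", "nic0Addr", "nic1Addr", "wlanAddr", "inicAddr"}
# Assumption: legitimate values are short tokens (digits, hex, MAC-style separators).
SAFE_VALUE = re.compile(r"[0-9A-Za-z:.\-]{0,32}")

# Constructed sample records; addresses and values are illustrative only.
SAMPLE_LOG = """\
{"src": "192.0.2.10", "method": "POST", "url": "/goform/formHwSet", "body": "regDomain=1&nic0Addr=00e04c000001"}
{"src": "192.0.2.10", "method": "GET", "url": "/index.asp", "body": ""}
{"src": "198.51.100.7", "method": "POST", "url": "/goform/formHwSet?x=1", "body": "regDomain=1&wlanAddr=00e04c000002%3BPLACEHOLDER"}
{"src": "198.51.100.7", "method": "POST", "url": "/goform/formHwSet", "body": "ABandregDomain=%60PLACEHOLDER%60&inicAddr=00e04c000003"}
not json
"""

def find_suspicious(log_text):
    """Return (src, parameter, decoded value) for watched values outside the allowlist."""
    findings = []
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines instead of aborting the scan
        if not isinstance(rec, dict):
            continue
        if str(rec.get("method", "")).upper() != "POST":
            continue
        # Compare the path only, so a query string cannot hide the endpoint.
        if urlsplit(str(rec.get("url", ""))).path != TARGET_PATH:
            continue
        # parse_qs URL-decodes values, so encoded metacharacters are checked too.
        params = parse_qs(str(rec.get("body", "")), keep_blank_values=True)
        for name in sorted(params.keys() & WATCHED):
            for value in params[name]:
                if not SAFE_VALUE.fullmatch(value):
                    findings.append((rec.get("src"), name, value))
    return findings

if __name__ == "__main__":
    for src, name, value in find_suspicious(SAMPLE_LOG):
        print(f"ALERT src={src} param={name} value={value!r}")
```

The allowlist is deliberately strict: any value it rejects is worth reviewing, and the pattern should be tuned against requests the device's own configuration pages send.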



Advisories

No advisories yet.

History

Sun, 24 May 2026 11:30:00 +0000

Type: Values Added (Values Removed: none)

Description: A security flaw has been discovered in Edimax BR-6675nD 1.12. This affects the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument regDomain/ABandregDomain/nic0Addr/nic1Addr/wlanAddr/inicAddr results in command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Title: Edimax BR-6675nD POST Request formHwSet command injection
First Time appeared: Edimax; Edimax br-6675nd
Weaknesses: CWE-74; CWE-77
CPEs: cpe:2.3:a:edimax:br-6675nd:*:*:*:*:*:*:*:*
Vendors & Products: Edimax; Edimax br-6675nd
References:
Metrics:
  cvssV2_0: {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
  cvssV3_0: {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
  cvssV3_1: {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
  cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-24T11:15:09.504Z

Reserved: 2026-05-23T14:58:59.916Z

Link: CVE-2026-9378

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-24T14:45:35Z

Weaknesses