Description
A weakness has been identified in Edimax BR-6675nD 1.12. This impacts the function formWpsStart of the file /goform/formWpsStart of the component POST Request Handler. This manipulation of the argument pinCode causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-05-24
Score: 5.3 Medium
EPSS: 1.1% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A vulnerability in Edimax BR-6675nD router firmware 1.12 allows an attacker to send a crafted POST request to the /goform/formWpsStart endpoint, manipulating the pinCode argument. This flaw enables command injection, letting the attacker execute arbitrary operating-system commands on the device. The resulting compromise affects confidentiality, integrity, and availability of the router and any network resources connected to it. The weakness is classified as CWE-74 (injection) and CWE-77 (command injection).

Affected Systems

The affected product is the Edimax BR-6675nD router running firmware version 1.12. No other vendors or products are listed as impacted.

Risk and Exploitability

The vulnerability has a CVSS 4.0 score of 5.3, placing it in the medium severity range. An EPSS score of 1% indicates a low exploitation probability, and the issue is not listed in the CISA KEV catalog, but public exploits have already been released. The attack vector is remote, relying on HTTP POST access to the formWpsStart endpoint; an attacker who can reach the device over the network can initiate the attack. The CVSS vectors recorded for this CVE specify low privileges required (PR:L) and no user interaction (UI:N).

Generated by OpenCVE AI on May 24, 2026 at 14:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Edimax firmware update that addresses the formWpsStart injection flaw (if an update is available).
  • Restrict access to the /goform/formWpsStart endpoint by configuring a firewall or access control list to allow only trusted local IP ranges.
  • Disable the WPS feature on the router to eliminate the injection vector.

Advisories

No advisories yet.

History

Sun, 24 May 2026 12:00:00 +0000

Values Added (no Values Removed are listed):

  • Description: A weakness has been identified in Edimax BR-6675nD 1.12. This impacts the function formWpsStart of the file /goform/formWpsStart of the component POST Request Handler. This manipulation of the argument pinCode causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
  • Title: Edimax BR-6675nD POST Request formWpsStart command injection
  • First Time appeared: Edimax; Edimax br-6675nd
  • Weaknesses: CWE-74; CWE-77
  • CPEs: cpe:2.3:a:edimax:br-6675nd:*:*:*:*:*:*:*:*
  • Vendors & Products: Edimax; Edimax br-6675nd
  • References:
  • Metrics:
      cvssV2_0: {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
      cvssV3_0: {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
      cvssV3_1: {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
      cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-24T11:45:09.813Z

Reserved: 2026-05-23T14:59:03.573Z

Link: CVE-2026-9379

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-24T14:45:35Z

Weaknesses