Edimax Br 6208ac Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Edimax Br 6208ac Firmware.
By the Year
In 2026 there have been 3 vulnerabilities in Edimax Br 6208ac Firmware with an average score of 6.8 out of ten. Last year, in 2025 Br 6208ac Firmware had 4 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Br 6208ac Firmware in 2026 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2026 is greater by 1.20.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 3 | 6.80 |
| 2025 | 4 | 5.60 |
It may take a day or so for new Br 6208ac Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Edimax Br 6208ac Firmware Security Vulnerabilities
Edimax BR-6208AC <=1.02 BUF OVERFLOW via pptpDfGateway /goform/setWAN
CVE-2026-7685
8.8 - High
- May 03, 2026
A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument pptpDfGateway results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Classic Buffer Overflow
Edimax BR-6208AC 1.02 cmd injection via L2TPUserName in setWAN (/goform/setWAN)
CVE-2026-7682
6.3 - Medium
- May 03, 2026
A security flaw has been discovered in Edimax BR-6208AC 1.02. The impacted element is the function setWAN of the file /goform/setWAN of the component L2TP Mode. The manipulation of the argument L2TPUserName results in command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Command Injection
Edimax BR-6208AC 2_1.02 auth_check_userpass2 remote auth bypass default creds
CVE-2026-1972
5.3 - Medium
- February 06, 2026
A vulnerability was found in Edimax BR-6208AC 2_1.02. The affected element is the function auth_check_userpass2. Performing a manipulation of the argument Username/Password results in use of default credentials. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor confirms that the affected product is end-of-life. They confirm that they "will issue a consolidated Security Advisory on our official support website." This vulnerability only affects products that are no longer supported by the maintainer.
1392
A weakness has been identified in Edimax BR-6208AC 1.02/1.03
CVE-2025-15258
3.5 - Low
- December 30, 2025
A weakness has been identified in Edimax BR-6208AC 1.02/1.03. Affected by this issue is the function formALGSetup of the file /goform/formALGSetup of the component Web-based Configuration Interface. This manipulation of the argument wlan-url causes open redirect. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. Edimax confirms this issue: "The product mentioned, EDIMAX BR-6208AC V2, has reached its End of Life (EOL) status. It is no longer supported or maintained by Edimax, and it is no longer available for purchase in the market. Consequently, there will be no further firmware updates or patches for this device. We recommend users upgrade to newer models for better security." This vulnerability only affects products that are no longer supported by the maintainer.
Open Redirect
A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03
CVE-2025-15257
7.3 - High
- December 30, 2025
A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the function formRoute of the file /gogorm/formRoute of the component Web-based Configuration Interface. The manipulation of the argument strIp/strMask/strGateway results in command injection. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Edimax confirms this issue: "The product mentioned, EDIMAX BR-6208AC V2, has reached its End of Life (EOL) status. It is no longer supported or maintained by Edimax, and it is no longer available for purchase in the market. Consequently, there will be no further firmware updates or patches for this device. We recommend users upgrade to newer models for better security." This vulnerability only affects products that are no longer supported by the maintainer.
Command Injection
A vulnerability was identified in Edimax BR-6208AC 1.02/1.03
CVE-2025-15256
7.3 - High
- December 30, 2025
A vulnerability was identified in Edimax BR-6208AC 1.02/1.03. Affected is the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component Web-based Configuration Interface. The manipulation of the argument rootAPmac leads to command injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. Edimax confirms this issue: "The product mentioned, EDIMAX BR-6208AC V2, has reached its End of Life (EOL) status. It is no longer supported or maintained by Edimax, and it is no longer available for purchase in the market. Consequently, there will be no further firmware updates or patches for this device. We recommend users upgrade to newer models for better security." This vulnerability only affects products that are no longer supported by the maintainer.
Command Injection
Edimax BR-6208AC 1.02 FTP Daemon Path Traversal RCE
CVE-2025-14910
4.3 - Medium
- December 19, 2025
A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handle_retr of the component FTP Daemon Service. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. Edimax confirms this issue: "This product is no longer available in the market and has been discontinued for five years. Consequently, Edimax no longer provides technical support, firmware updates, or security patches for this specific model. However, to ensure the safety of our remaining active users, we acknowledge this report and will take the following mitigation actions: (A) We will issue an official security advisory on our support website. (B) We will strongly advise users to disable the FTP service on this device to mitigate the reported risk, by which the product will still work for common use. (C) We will recommend users upgrade to newer, supported models." This vulnerability only affects products that are no longer supported by the maintainer.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Edimax Br 6208ac Firmware or by Edimax? Click the Watch button to subscribe.
