Edimax Br 6478ac Firmware
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Edimax Br 6478ac Firmware.
By the Year
In 2026 there have been 11 vulnerabilities in Edimax Br 6478ac Firmware with an average score of 7.9 out of ten. Br 6478ac Firmware did not have any published security vulnerabilities last year. That is, 11 more vulnerabilities have already been reported in 2026 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 11 | 7.89 |
| 2025 | 0 | 0.00 |
| 2024 | 1 | 9.80 |
It may take a day or so for new Br 6478ac Firmware vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Edimax Br 6478ac Firmware Security Vulnerabilities
Remote Cmd Injection in Edimax BR-6478AC 1.23 formWlbasic rootAPmac
CVE-2026-10166
6.3 - Medium
- May 31, 2026
A vulnerability was determined in Edimax BR-6478AC 1.23. The affected element is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
Command Injection
Stack Buffer Overflow in Edimax BR-6478AC 1.23 POST Handler
CVE-2026-10165
8.8 - High
- May 31, 2026
A vulnerability was identified in Edimax BR-6478AC 1.23. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack may be performed from remote. The exploit is publicly available and might be used.
Stack Overflow
Edimax BR-6478AC 1.23 remote USB Folder buffer overflow
CVE-2026-10164
8.8 - High
- May 31, 2026
A vulnerability was found in Edimax BR-6478AC 1.23. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. The manipulation of the argument ShareName/SelectName results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
Classic Buffer Overflow
Edimax BR-6478AC 1.23 POST Request Handler Buffer Overflow
CVE-2026-10163
8.8 - High
- May 31, 2026
A vulnerability has been found in Edimax BR-6478AC 1.23. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. The manipulation of the argument UserName/Password leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.
Classic Buffer Overflow
Edimax BR-6478AC 1.23 cmd injection via formStaDrvSetup
CVE-2026-10127
6.3 - Medium
- May 30, 2026
A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
Command Injection
Buffer Overflow in Edimax BR-6478AC 1.23 FormQoS via POST
CVE-2026-10126
8.8 - High
- May 30, 2026
A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the argument selSSID results in buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
Classic Buffer Overflow
Stack Buffer Overflow in Edimax BR-6478AC 1.23 formPPPoESetup via pppUserName
CVE-2026-10125
8.8 - High
- May 30, 2026
A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used.
Stack Overflow
Edimax BR-6478AC 1.23 POST Handler Buffer Overflow (L2TPUserName)
CVE-2026-9443
8.8 - High
- May 25, 2026
A security vulnerability has been detected in Edimax BR-6478AC 1.23. This vulnerability affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. The manipulation of the argument L2TPUserName leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Classic Buffer Overflow
Edimax BR-6478AC 1.23 Buffer Overflow in formiNICSiteSurvey (selSSID)
CVE-2026-9442
8.8 - High
- May 25, 2026
A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. Executing a manipulation of the argument selSSID can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Classic Buffer Overflow
Command Injection in Edimax BR-6478AC 1.23 POST Handler
CVE-2026-9441
6.3 - Medium
- May 25, 2026
A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. Performing a manipulation of the argument rootAPmac results in command injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Command Injection
Edimax BR-6478AC 1.23: Remote Cmd Injection via formAccept
CVE-2026-9440
6.3 - Medium
- May 25, 2026
A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formAccept of the file /goform/formAccept of the component POST Request Handler. Such manipulation of the argument submit-url leads to command injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Command Injection
Stack Buffer Overflow in Edimax BR6478AC V2 /bin/webs (v1.23)
CVE-2023-49351
9.8 - Critical
- January 16, 2024
A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware veraion v1.23 allows attackers to overwrite other values located on the stack due to an incorrect use of the strcpy() function.
Memory Corruption
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Edimax Br 6478ac Firmware or by Edimax? Click the Watch button to subscribe.
