Description

EDIMAX BR-6208AC V2_1.02 is vulnerable to Command Injection. This arises because the pppUserName field is directly passed to a shell command via the system() function without proper sanitization. An attacker can exploit this by injecting malicious commands into the pppUserName field, allowing arbitrary code execution.

INFO

Published Date :

2026-01-09T00:00:00.000Z

Last Modified :

2026-01-12T16:24:37.524Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-70161 vulnerability.

Vendors Products
Edimax
  • Br-6208ac V2
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-70161.

URL Resource
https://tzh00203.notion.site/EDIMAX-BR-6208AC-V2_1-02-Command-Injection-Vulnerability-in-Web-setWAN-handler-2d3b5c52018a80d7ae8dce2bf5e3294c?source=copy_link cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System