MEDIUM🇵🇱 Wersja polska

CVE-2026-1972

CVSS 5.5v4.0pub. 2026-02-06upd. 2026-02-20

A vulnerability was found in Edimax BR-6208AC 2_1.02. The affected element is the function auth_check_userpass2. Performing a manipulation of the argument Username/Password results in use of default credentials. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor confirms that the affected product is end-of-life. They confirm that they "will issue a consolidated Security Advisory on our official support website." This vulnerability only affects products that are no longer supported by the maintainer.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Edimax Br 6208ac

    HW
    Edimax
    2.0
  • Edimax Br 6208ac Firmware

    OS
    Edimax
    ≤ 1.02
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-70161CRITICAL9.8PL ✓ten sam produkt

Command Injection w Edimax BR-6208AC — wykonanie dowolnego kodu

CVE-2025-15256MEDIUM5.5ten sam produkt

A vulnerability was identified in Edimax BR-6208AC 1.02/1.03. Affected is the function formStaDrvSetup of the ...

CVE-2025-15257MEDIUM5.5ten sam produkt

A security flaw has been discovered in Edimax BR-6208AC 1.02/1.03. Affected by this vulnerability is the funct...

CVE-2025-15258LOW2.0ten sam produkt

W urządzeniach Edimax BR-6208AC w wersjach 1.02/1.03 zidentyfikowano podatność. Problem dotyczy funkcji formAL...

CVE-2025-14910LOW2.1ten sam produkt

Wykryta została podatność w Edimax BR-6208AC 1.02 wpływająca na funkcję handle_retr usługi FTP Daemon Service,...