CVE-2025-28142: Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3_1.0.15 was discovered to contain a command injection vulnerability via the foldername in...

Description

Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3_1.0.15 was discovered to contain a command injection vulnerability via the foldername in /boafrm/formDiskCreateShare.

Classification

CVE ID: CVE-2025-28142

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 4.33% (probability of being exploited)

EPSS Percentile: 88.26% (scored less or equal to compared to others)

EPSS Date: 2025-04-21 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-28142
https://github.com/regainer27/edimax-br-6478ac_v3-br-6478ac_v3_1.0.15/tree/main/4
https://gist.github.com/regainer27/fb033d40b9d0245c36e520eeb34b7e76

Timeline

2025-04-15 16:40:24 UTC
CVE

Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3_1.0.15 was discovered to contain a command injection vulnerability via the foldername in...