GCVE - cpe:2.3:o:edimax:br-6476ac_firmware:1.06:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:edimax:br-6476ac_firmware:1.06:*:*:*:*:*:*:*

part: o version: 1.06 update: *

Vendor	Edimax (`b21209bc-38b2-5a9c-baa2-25a5068c39e9`)
Product	Br 6476Ac Firmware (`5e41755e-3de2-514e-a30c-c5c3e349b865`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-48420`	vulnerable	2026-06-03 14:57:03.051968	Details available Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/getWifiBasic. Published: 2025-01-27T00:00:00.000Z Updated: 2025-01-28T19:44:57.375Z Open on db.gcve.eu Reference links http://edimax.com https://github.com/SpikeReply/advisories/blob/c271ddb997bc0263274118acc380bc71ce9c316b/cve/edimax/cve-2024-48420.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-48419`	vulnerable	2026-06-03 14:57:03.051682	Details available Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in /bin/goahead. Specifically, these issues can be triggered through /goform/tracerouteDiagnosis, /goform/pingDiagnosis, and /goform/fromSysToolPingCmd Each of these issues allows an attacker with access to the web interface to inject and execute arbitrary shell commands, with "root" privileges. Published: 2025-01-27T00:00:00.000Z Updated: 2025-01-28T19:44:29.312Z Open on db.gcve.eu Reference links http://edimax.com https://github.com/SpikeReply/advisories/blob/c271ddb997bc0263274118acc380bc71ce9c316b/cve/edimax/cve-2024-48419.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-48418`	vulnerable	2026-06-03 14:57:03.051294	Details available In Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06, the request /goform/fromSetDDNS does not properly handle special characters in any of user provided parameters, allowing an attacker with access to the web interface to inject and execute arbitrary shell commands. Published: 2025-01-27T00:00:00.000Z Updated: 2025-01-28T19:44:40.087Z Open on db.gcve.eu Reference links http://edimax.com https://github.com/SpikeReply/advisories/blob/c271ddb997bc0263274118acc380bc71ce9c316b/cve/edimax/cve-2024-48418.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-48417`	vulnerable	2026-06-03 14:57:03.050982	Details available Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Cross Site Scripting (XSS) in : /bin/goahead via /goform/setStaticRoute, /goform/fromSetFilterUrlFilter, and /goform/fromSetFilterClientFilter. Published: 2025-01-27T00:00:00.000Z Updated: 2025-01-28T19:44:49.506Z Open on db.gcve.eu Reference links http://edimax.com https://github.com/SpikeReply/advisories/blob/c271ddb997bc0263274118acc380bc71ce9c316b/cve/edimax/cve-2024-48417.md	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-48416`	vulnerable	2026-06-03 14:57:03.049911	Details available Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 is vulnerable to Buffer Overflow via /goform/fromSetLanDhcpsClientbinding. Published: 2025-01-27T00:00:00.000Z Updated: 2025-01-28T19:45:05.776Z Open on db.gcve.eu Reference links http://edimax.com https://github.com/SpikeReply/advisories/blob/c271ddb997bc0263274118acc380bc71ce9c316b/cve/edimax/cve-2024-48416.md	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.