cvedb.io
CVE-2024-48419
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2025-01-27T17:15:16.053 · Last modified 2026-06-17T07:58:28.860

Summary

Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in /bin/goahead. Specifically, these issues can be triggered through /goform/tracerouteDiagnosis, /goform/pingDiagnosis, and /goform/fromSysToolPingCmd Each of these issues allows an attacker with access to the web interface to inject and execute arbitrary shell commands, with "root" privileges.

Affected products

edimax — br-6476ac_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when edimax ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.