CVE-2026-10166NVD

Description

A vulnerability was determined in Edimax BR-6478AC 1.23. The affected element is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

Severity Level

MEDIUM (6.3)

Published Date

31/05/2026

Last Modified

01/06/2026

Exploitation Status

????

References

https://vuldb.com/vuln/367418
https://vuldb.com/vuln/367418/cti
https://vuldb.com/submit/818623
https://lavender-bicycle-a5a.notion.site/EDIMAX-BR6478ACV2-formWlbasic-34b53a41781f80edb1e5e0104741dfb2?source=copy_link

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2026-10166NVD

Description

References