CVE-2026-9441— Edimax BR-6478AC POST表单命令注入漏洞
Possible ATT&CK Techniques 1AI
T1190 · Exploit Public-Facing Application新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2026-9441の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Edimax BR-6478AC POST Request formiNICbasic command injection
ソース: NVD (National Vulnerability Database)
脆弱性説明
A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. Performing a manipulation of the argument rootAPmac results in command injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
在命令中使用的特殊元素转义处理不恰当(命令注入)
ソース: NVD (National Vulnerability Database)
影響を受ける製品
II. CVE-2026-9441の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2026-9441のインテリジェンス情報
请登录查看更多情报信息。
CVE-2026-9441 其他参考 (1)
Same Patch Batch · Edimax · 2026-05-25 · 19 CVEs total
| CVE-2026-9460 | 8.8 HIGH | Edimax EW-7438RPn formAccept stack-based overflow |
| CVE-2026-9482 | 8.8 HIGH | Edimax EW-7438RPn formSDHCP stack-based overflow |
| CVE-2026-9480 | 8.8 HIGH | Edimax EW-7438RPn formrefresh stack-based overflow |
| CVE-2026-9481 | 8.8 HIGH | Edimax EW-7438RPn formStats stack-based overflow |
| CVE-2026-9479 | 8.8 HIGH | Edimax EW-7438RPn formLogout stack-based overflow |
| CVE-2026-9462 | 8.8 HIGH | Edimax EW-7438RPn formWpsProxyEnable stack-based overflow |
| CVE-2026-9463 | 8.8 HIGH | Edimax EW-7438RPn formLicence stack-based overflow |
| CVE-2026-9459 | 8.8 HIGH | Edimax EW-7438RPn formConnectionSetting stack-based overflow |
| CVE-2026-9461 | 8.8 HIGH | Edimax EW-7438RPn formRadius stack-based overflow |
| CVE-2026-9443 | 8.8 HIGH | Edimax BR-6478AC POST Request formL2TPSetup buffer overflow |
| CVE-2026-9442 | 8.8 HIGH | Edimax BR-6478AC POST Request formiNICSiteSurvey buffer overflow |
| CVE-2026-9427 | 8.8 HIGH | Edimax EW-7438RPn webs formWlSiteSurvey stack-based overflow |
| CVE-2026-9426 | 8.8 HIGH | Edimax EW-7438RPn formHwSet stack-based overflow |
| CVE-2026-9425 | 8.8 HIGH | Edimax EW-7438RPn formWlanMP stack-based overflow |
| CVE-2026-9424 | 6.3 MEDIUM | Edimax EW-7438RPn Content-Type formWlanMP os command injection |
| CVE-2026-9440 | 6.3 MEDIUM | Edimax BR-6478AC POST Request formAccept command injection |
| CVE-2026-9439 | 6.3 MEDIUM | Edimax BR-6675nD stainfo command injection |
| CVE-2026-9423 | 4.7 MEDIUM | Edimax BR-6675nD POST Request mp command injection |
IV. 関連脆弱性
同じベンダー: Edimax
- CVE-2026-9482
Edimax EW-7438RPn formSDHCP stack-based overflow - CVE-2026-9481
Edimax EW-7438RPn formStats stack-based overflow - CVE-2026-9480
Edimax EW-7438RPn formrefresh stack-based overflow - CVE-2026-9479
Edimax EW-7438RPn formLogout stack-based overflow - CVE-2026-9463
Edimax EW-7438RPn formLicence stack-based overflow
同じ弱点: CWE-77
- CVE-2026-9453
FoundDream miniclawd SkillsLoader skills-loader.ts which com - CVE-2026-9440
Edimax BR-6478AC POST Request formAccept command injection - CVE-2026-9439
Edimax BR-6675nD stainfo command injection - CVE-2026-9423
Edimax BR-6675nD POST Request mp command injection - CVE-2026-9402
Edimax BR-6675nD POST Request formWlanMP command injection
V. CVE-2026-9441へのコメント
まだコメントはありません