Edimax BR-6478AC V3
cpe:2.3:h:edimax:br-6478ac_v3:*:*:*:*:*:*:*
- 1.0.15
A remote code execution vulnerability has been identified in the Edimax BR-6478AC V3 router, specifically in version 1.0.15. The issue arises in the function 'sub_416898' within the file '/boafrm/formDebugDiagnosticRun', where the 'host' argument can be manipulated to inject operating system commands. This vulnerability requires authentication to exploit.
Exploitation of this vulnerability allows for remote command execution on the affected device.
To reproduce this vulnerability, first upload the firmware version 1.0.15 onto the router using the Edimax Firmware Updater. After the firmware is installed, authenticate to the router's web interface. Once authenticated, send a request to the 'formDebugDiagnosticRun' endpoint, manipulating the 'host' parameter to inject OS commands. This can be done using a tool like Burp Suite to intercept and modify the request.
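The mitigation for this class of bug is to validate the 'host' value against a strict allowlist and to run the diagnostic without a shell. The C sketch below is an added example, not Edimax firmware code: the function names are hypothetical, and the `ping -c 4` command line is an assumption about what the diagnostic runs.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical helper (not Edimax code): 1 if c is an ASCII letter or digit. */
static int is_alnum_ascii(unsigned char c)
{
    return (c >= '0' && c <= '9') || (c >= 'a' && c <= 'z') ||
           (c >= 'A' && c <= 'Z');
}

/* Accept only hostnames / IPv4 literals built from RFC 1123 labels:
 * letters, digits and '-', 1..63 bytes per label, no leading or trailing
 * '-', at most 253 bytes overall. Everything else is rejected, including
 * whitespace, shell metacharacters, control and non-ASCII bytes. */
int host_is_safe(const char *host)
{
    size_t i, len, label = 0;

    if (host == NULL || (len = strlen(host)) == 0 || len > 253)
        return 0;
    for (i = 0; i < len; i++) {
        unsigned char c = (unsigned char)host[i];
        if (c == '.') {
            if (label == 0 || host[i - 1] == '-')
                return 0;           /* empty label or label ending in '-' */
            label = 0;
        } else if (is_alnum_ascii(c) || (c == '-' && label > 0)) {
            if (++label > 63)
                return 0;           /* label too long */
        } else {
            return 0;               /* byte outside the allowlist */
        }
    }
    return label > 0 && host[len - 1] != '-';
}

/* Fill argv for an exec*() call so no shell ever parses the value.
 * The "ping -c 4" command line is an assumption for illustration.
 * Returns 0 on success, -1 if the host is rejected. */
int build_diag_argv(const char *host, const char *argv[5])
{
    if (!host_is_safe(host))
        return -1;
    argv[0] = "ping"; argv[1] = "-c"; argv[2] = "4";
    argv[3] = host;   argv[4] = NULL;
    return 0;
}
```

Rejecting a leading '-' also stops the value from being read as a command-line option by the diagnostic binary. Fully qualified names with a trailing dot are rejected by this validator.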