Edimax BR-6208AC Command Injection Vulnerability in Web-Based Configuration Interface

Vulnerability

A command injection vulnerability has been identified in the Edimax BR-6208AC router, specifically in the 1.02 and 1.03 firmware versions. The issue is in the web-based configuration interface, within the formRoute function of the /gogorm/formRoute file. Remote, unauthenticated attackers can inject arbitrary system commands by manipulating the strIp, strMask, or strGateway parameters. The flaw stems from inadequate input validation and sanitization: the injected commands are executed via functions that interface with the system command execution environment.
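One way a route handler could allow-list these three parameters before they reach any command execution, shown as an added example that is not Edimax firmware code and not part of the original advisory. The function names are hypothetical, and the example assumes strIp, strMask and strGateway are meant to carry dotted-quad IPv4 values.

```c
#include <arpa/inet.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: accept only a strict dotted-quad IPv4 string. */
static bool parse_ipv4(const char *s, uint32_t *out)
{
    struct in_addr a;
    /* Allow-list first: bounded length, digits and dots only. */
    if (s == NULL || strlen(s) > 15 || strspn(s, "0123456789.") != strlen(s))
        return false;
    if (inet_pton(AF_INET, s, &a) != 1)   /* rejects out-of-range octets */
        return false;
    *out = ntohl(a.s_addr);
    return true;
}

/* A netmask is valid only as a run of 1 bits followed by 0 bits. */
static bool is_contiguous_mask(uint32_t m)
{
    uint32_t inv = ~m;
    return (inv & (inv + 1)) == 0;
}

/* Hypothetical gate for the strIp / strMask / strGateway values
 * (assumed here to be IPv4 strings); true only if all three parse. */
bool route_params_valid(const char *ip, const char *mask, const char *gw)
{
    uint32_t ip_n, mask_n, gw_n;
    if (!parse_ipv4(ip, &ip_n) || !parse_ipv4(mask, &mask_n) ||
        !parse_ipv4(gw, &gw_n))
        return false;
    return is_contiguous_mask(mask_n);
}

int main(void)
{
    /* Constructed sample inputs, not taken from the advisory. */
    printf("%d\n", route_params_valid("192.168.1.0", "255.255.255.0", "192.168.1.1"));
    printf("%d\n", route_params_valid("192.168.1.0;x", "255.255.255.0", "192.168.1.1"));
    return 0;
}
```

Values that pass this check are still best handed to the routing tool as separate argv entries rather than concatenated into a shell command string.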

Impact

Successful exploitation allows an attacker to execute arbitrary commands on the device. This could lead to remote code execution or privilege escalation, depending on the commands injected and the context in which they are executed.

Remediation

Edimax has stated that the BR-6208AC V2 has reached its End of Life (EOL) status and is no longer supported or maintained. As such, no firmware updates or patches will be provided for this device. Users are advised to upgrade to newer models for better security.

Added: Dec 30, 2025, 6:13 PM
Updated: Dec 30, 2025, 6:13 PM

Vulnerability Rating

Custom Algorithm

spread: 0.3
impact: 7.5
exploitability: 9.1
remediation: 0.0
relevance: 1.8
threat: 6.4
urgency: 2.9
incentive: 9.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.