Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3
cpe:2.3:h:edimax:br-6478ac:*:*:*:*:*:*:*
- BR-6478AC V3 1.0.15
A command injection vulnerability has been identified in the Edimax AC1200 Wave 2 Dual-Band Gigabit Router, specifically in the BR-6478AC V3 firmware version 1.0.15. The vulnerability arises from the 'groupname' parameter in the '/boafrm/formDiskCreateGroup' handler, where unsanitized input allows for arbitrary command execution on the router's operating system.
Exploitation of this vulnerability allows remote authenticated attackers to execute arbitrary commands with root privileges on the affected router.
To reproduce this vulnerability, send a POST request to '/boafrm/formDiskCreateGroup' with the 'groupname' parameter containing a crafted payload that includes command injection syntax. The request must carry a valid 'webuicookie', i.e. it must come from an authenticated session. Once the handler processes the request, the injected command runs with root privileges on the device.
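The two defensive controls that follow from the description above are an allowlist on the 'groupname' value before it reaches any shell, and a check of recorded requests to '/boafrm/formDiskCreateGroup' for values that fall outside that allowlist. The following is an added example (it is not code from the advisory or from the Edimax firmware): the handler path and parameter name come from the advisory, while the allowlist pattern, the log format and the sample log lines are constructed for this example.

```python
"""
Added example (not from the advisory or the router firmware): a strict allowlist
validator for the 'groupname' parameter, plus a scan of constructed request logs
for POSTs to the handler whose 'groupname' fails that allowlist.
"""
import re
from urllib.parse import parse_qs

# Handler and parameter name as given in the advisory.
HANDLER = "/boafrm/formDiskCreateGroup"
PARAM = "groupname"

# Assumed allowlist: a conventional Unix group name (letter first, then letters,
# digits, '_' or '-', at most 32 characters). Shell metacharacters such as ';',
# '|', '`' or '$' can never pass this check. The router's real constraints are unknown.
GROUPNAME_RE = re.compile(r"^[A-Za-z][A-Za-z0-9_-]{0,31}$")


def is_valid_groupname(name: str) -> bool:
    """Return True only if 'name' matches the strict allowlist."""
    return GROUPNAME_RE.fullmatch(name) is not None


# Constructed log format (assumption; a reverse proxy or WAF that records the
# form body): '<client ip> "<METHOD> <path>" <status> body=<urlencoded body>'
LOG_RE = re.compile(
    r'^(?P<ip>\S+) "(?P<method>\S+) (?P<path>\S+)" (?P<status>\d{3}) body=(?P<body>.*)$'
)


def parse_log_line(line: str):
    """Parse one constructed log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_rejected_groupnames(lines):
    """Return (client ip, decoded groupname) for every POST to HANDLER whose
    'groupname' value would be rejected by the allowlist."""
    findings = []
    for line in lines:
        rec = parse_log_line(line)
        if rec is None or rec["method"] != "POST" or rec["path"] != HANDLER:
            continue
        # parse_qs decodes percent-encoding, so the check sees the value the
        # handler itself would receive.
        params = parse_qs(rec["body"], keep_blank_values=True)
        for value in params.get(PARAM, []):
            if not is_valid_groupname(value):
                findings.append((rec["ip"], value))
    return findings


# Constructed sample log lines (not real traffic); 192.0.2.0/24 is documentation space.
SAMPLE_LOG = [
    '192.0.2.10 "POST /boafrm/formDiskCreateGroup" 200 body=groupname=family&submit=Create',
    '192.0.2.20 "POST /boafrm/formDiskCreateGroup" 200 body=groupname=backup%3Bls&submit=Create',
    '192.0.2.30 "GET /boafrm/formDiskCreateGroup" 200 body=',
    '192.0.2.40 "POST /boafrm/formDiskCreateGroup" 200 body=groupname=&submit=Create',
]

if __name__ == "__main__":
    for ip, value in find_rejected_groupnames(SAMPLE_LOG):
        print(f"rejected groupname from {ip}: {value!r}")
```

The validator is the mitigation a fixed handler would apply before passing the name to any system command; the log scan is a retrospective check, and it deliberately reports an empty 'groupname' too, since a well-behaved web UI never submits one.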