Edimax BR-6208AC Default Credentials Vulnerability in Authentication Function

Vulnerability

A vulnerability exists in the Edimax BR-6208AC router running firmware version 2_1.02, specifically in the authentication function 'auth_check_userpass2'. This vulnerability arises from the use of hardcoded and easily guessable credentials, allowing remote attackers to bypass authentication and gain unauthorized access to the device. The issue is particularly concerning as the product is no longer supported by the vendor, who has acknowledged the vulnerability and plans to release a security advisory.

Impact

Exploitation of this vulnerability allows for unauthorized access to the device, bypassing authentication mechanisms. This could lead to unauthorized changes in device settings or management functions.

Added: Feb 6, 2026, 2:23 AM

Updated: Feb 6, 2026, 2:23 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

8.7

remediation

0.0

relevance

2.6

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

8.7

remediation

0.0

relevance

2.6

threat

6.4

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Edimax BR-6208AC Default Credentials Vulnerability in Authentication Function

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating