How severe is CVE-2025-70161?

CVE-2025-70161 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2025-70161

9.8CRITICAL

EDIMAX BR-6208AC V2_1.02 is vulnerable to Command Injection. This arises because the pppUserName field is directly passed to a shell command via the system() function without proper sanitization. An a

Опубликовано: 1/9/2026Обновлено: 1/13/2026

Описание

EDIMAX BR-6208AC V2_1.02 is vulnerable to Command Injection. This arises because the pppUserName field is directly passed to a shell command via the system() function without proper sanitization. An attacker can exploit this by injecting malicious commands into the pppUserName field, allowing arbitrary code execution.

ИИ-АнализНа базе ИИ

Ссылки

https://tzh00203.notion.site/EDIMAX-BR-6208AC-V2_1-02-Command-Injection-Vulnerability-in-Web-setWAN-handler-2d3b5c52018a80d7ae8dce2bf5e3294c?source=copy_link