Cross Site Scripting Vulnerability in Edimax BR-6288ACL Router
CVE-2025-1612

5.1MEDIUM

Key Information:

Vendor
Edimax
Status
Br-6288acl
Vendor
CVE Published:
24 February 2025

Summary

A security issue has been identified in the Edimax BR-6288ACL router, specifically in the wireless5g_basic.asp file. This vulnerability allows an attacker to manipulate the SSID parameter, leading to cross site scripting (XSS) attacks. Such attacks can be initiated remotely, potentially compromising user data and security. Despite early contact with the vendor regarding this vulnerability, no response was received.

Affected Version(s)

BR-6288ACL 1.30

References

https://vuldb.com/?id.296602
vdb-entrytechnical-description
https://vuldb.com/?ctiid.296602
signaturepermissions-required
https://vuldb.com/?submit.501309
third-party-advisory

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Fergod (VulDB User)
.