Command Injection Vulnerability in EDIMAX BR-6428nS V3 Router
CVE-2026-36734

8.8HIGH

Key Information:

Vendor: EDIMAX
Status: BR-6428nS V3
Vendor: CVE Published:; 11 May 2026

What is CVE-2026-36734?

The EDIMAX BR-6428nS V3 1.15 router is susceptible to a command injection flaw that enables authenticated users within the network to exploit the WLAN configuration interface. This vulnerability arises from inadequate input validation, allowing attackers to execute arbitrary system commands, potentially compromising the device and the integrity of the network.

References

http://edimax.com

https://github.com/theShinigami/CVE-Disclosures/tree/main...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 11, 2026
Vulnerability Reserved
Apr 6, 2026

CVE-2026-36734 Data

JSON