Home / vulnerabilitiesPDF  

Edimax BR-6478AC Privilege Escalation

Posted on 08 December 2015
Source : packetstormsecurity.org Link

 

There exists in the Edimax BR-6478AC (firmware version 2.15) small office, home office (SOHO) WiFi router a number of security flaws which allow an authenticated user to perform additional actions beyond what is permitted from the standard web interface at the highest privilege level. These security flaws may be exploited by a malicious actor in order to redirect critical personal internet traffic from its intended recipient to a location operated by said actor for nefarious purposes. Unfortunately, these flaws seem to have originated from a number of poor software development practices which are specifically addressed as the number one issue in the Open Web Application Security Project (OWASP) top web application security awareness document. By allowing these flaws to go unpatched, it places the customers of Edimax at a greater level of risk for safe and private internet use.

 

TOP