Overview
CVE-2025-14093 is a medium severity vulnerability affecting Edimax BR-6478AC V3 routers running firmware version 1.0.15. This vulnerability allows a remote attacker to inject operating system commands due to insufficient input validation in the /boafrm/formTracerouteDiagnosticRun endpoint. The vendor has been contacted but has not responded.
Technical Details
The vulnerability resides within the sub_416990 function of the /boafrm/formTracerouteDiagnosticRun file. Specifically, the host argument is vulnerable to OS command injection. An attacker can manipulate this argument to execute arbitrary commands on the router’s operating system. This is possible because the router does not properly sanitize user-supplied input before passing it to a system call. The publicly available exploit demonstrates how to craft a malicious request to trigger this vulnerability.
CVSS Analysis
The Common Vulnerability Scoring System (CVSS) score for CVE-2025-14093 is 4.7 (MEDIUM). The CVSS vector is likely similar to: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N This score reflects the following:
- Attack Vector (AV:N): Network – The vulnerability can be exploited remotely.
- Attack Complexity (AC:H): High – Requires specific conditions which may be difficult to reproduce.
- Privileges Required (PR:N): None – No privileges are required to exploit this vulnerability.
- User Interaction (UI:R): Required – Requires user interaction.
- Scope (S:U): Unchanged – An exploited vulnerability cannot affect resources beyond the security scope managed by the security authority.
- Confidentiality Impact (C:L): Low – Limited access to confidential information.
- Integrity Impact (I:L): Low – Limited modification of data.
- Availability Impact (A:N): None – No impact on system availability.
Possible Impact
Successful exploitation of CVE-2025-14093 could allow an attacker to:
- Execute arbitrary commands on the router.
- Potentially gain unauthorized access to the network.
- Modify router configurations.
- Use the router as part of a botnet.
- Intercept or redirect network traffic.
Mitigation or Patch Steps
Unfortunately, as of this writing, Edimax has not released a patch or firmware update to address this vulnerability and has not responded to disclosure attempts. Therefore, the following mitigation steps are recommended:
- Disable Remote Management: If possible, disable remote management of the router to reduce the attack surface.
- Restrict Access: Limit access to the router’s web interface to only trusted devices on the local network.
- Firewall: Ensure your firewall is configured to block suspicious traffic to and from the router.
- Monitor Network Traffic: Monitor network traffic for unusual activity originating from the router.
- Consider Replacement: If security is a primary concern, consider replacing the Edimax BR-6478AC V3 with a router from a vendor with a better security track record and responsiveness to vulnerability reports.
