{"id":79073,"date":"2026-05-31T07:46:19","date_gmt":"2026-05-31T04:16:19","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-10166-edimax-br-6478ac-post-request-formwlbasic-command-injection\/"},"modified":"2026-05-31T07:46:19","modified_gmt":"2026-05-31T04:16:19","slug":"cve-2026-10166-edimax-br-6478ac-post-request-formwlbasic-command-injection","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-10166-edimax-br-6478ac-post-request-formwlbasic-command-injection\/","title":{"rendered":"CVE-2026-10166 &#8211; Edimax BR-6478AC POST Request formWlbasic command injection"},"content":{"rendered":"<p>CVE ID :CVE-2026-10166<\/p>\n<p>  Published : May 31, 2026, 4:16 a.m. | 16\u00a0minutes ago<\/p>\n<p>  Description :A vulnerability was determined in Edimax BR-6478AC 1.23. The affected element is the function formWlbasic of the file \/goform\/formWlbasic of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.<\/p>\n<p>  Severity: 6.5 | MEDIUM<\/p>\n<p>  Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID :CVE-2026-10166 Published : May 31, 2026, 4:16 a.m. | 16\u00a0minutes ago Description :A vulnerability was determined in Edimax BR-6478AC 1.23. The affected element is the function formWlbasic of the file \/goform\/formWlbasic of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack is possible to be carried &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-79073","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/79073","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=79073"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/79073\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=79073"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=79073"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=79073"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}