CVE-2026-1971 | Edimax BR-6288ACL up to 1.12 wiz_WISP24gmanual.asp wiz_WISP24gmanual manualssid cross site scripting

A vulnerability categorized as problematic has been discovered in Edimax BR-6288ACL up to 1.12. Impacted is the function wiz_WISP24gmanual of the file wiz_WISP24gmanual.asp. Such manipulation of the argument manualssid leads to cross site scripting. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is uniquely identified as CVE-2026-1971. The attack can be launched remotely. Moreover, an exploit is present.

The vendor confirms that the affected product is end-of-life. They confirm that they “will issue a consolidated Security Advisory on our official support website.”

CVE-2026-1971 | Edimax BR-6288ACL up to 1.12 wiz_WISP24gmanual.asp wiz_WISP24gmanual manualssid cross site scripting

Post correlati

CVE-2025-5387 | JeeWMS up to 20250504 File generateController.do?dogenerate access control (IC5FNV)

CVE-2024-45275 | MB Connect Line mbNET.mini up to 2.2.13 hard-coded credentials (VDE-2024-056)

CVE-2025-10452 | Gotac Statistical Database System up to 1.0.0 missing authentication

CVE-2024-52023 | Netgear XR300/R6400/R7000P HTTP POST Request pppoe2.cgi pppoe_localip stack-based overflow