CVE-2026-8777 | Edimax BR-6428NS 1.10 POST Request /goform/formStaDrvSetup stadrv_ssid command injection

A vulnerability identified as critical has been detected in Edimax BR-6428NS 1.10. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. Performing a manipulation of the argument stadrv_ssid results in command injection.

This vulnerability is identified as CVE-2026-8777. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-8777 | Edimax BR-6428NS 1.10 POST Request /goform/formStaDrvSetup stadrv_ssid command injection

Post correlati

CVE-2024-9548 | Slimstat Analytics Plugin up to 5.2.6 on WordPress cross site scripting

CVE-2025-11884 | Microfocus OpenText uCMDB 24.4 cross site scripting

CVE-2024-37134 | Dell PowerScale OneFS up to 9.5.0.8/9.7.0.0/9.7.0.2/9.7.0.3/9.8.0.0 privileges assignment (dsa-2024-255)

CVE-2024-42060 | Zyxel ATP/USG FLEX/USG FLEX 50(W)/USG20(W)-VPN up to 5.38 os command injection