PT-2023-23555 · Edimax · Edimax Wireless Router N300

Published

2023-05-12

Updated

2023-05-24

CVE-2023-31983

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Edimax Wireless Router N300 Firmware version BR-6428NS v4

Description A Command Injection issue allows an attacker to execute arbitrary code via the mp function in "/bin/webs" without limitations.

Recommendations For Edimax Wireless Router N300 Firmware version BR-6428NS v4, consider disabling the mp function in "/bin/webs" as a temporary workaround until a patch is available. Restrict access to the "/bin/webs" endpoint to minimize the risk of exploitation.

Exploit

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

BDU:2025-11536

CVE-2023-31983

Affected Products

Edimax Wireless Router N300

PT-2023-23555 · Edimax · Edimax Wireless Router N300

CVE-2023-31983

Weakness Enumeration

Related Identifiers

Affected Products

References · 5