CVE-2025-15258

Name of the Vulnerable Software and Affected Versions Edimax BR-6208AC versions 1.02 through 1.03

Description A flaw exists in the Web-based Configuration Interface component of Edimax BR-6208AC versions 1.02 and 1.03. This issue is related to the formALGSetup function within the /goform/formALGSetup file. Manipulation of the wlan-url argument can lead to an open redirect. This manipulation is possible remotely. The exploit for this issue has been publicly released. Edimax has stated that the BR-6208AC V2 has reached its End of Life (EOL) status and will no longer receive updates or patches.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.