Vulnerability Description
A flaw has been found in Edimax BR-6258n up to 1.18. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup. This manipulation of the argument submit-url causes open redirect. The attack can be initiated remotely. The exploit has been published and may be used. The vendor confirms that the affected product is end-of-life. They confirm that they "will issue a consolidated Security Advisory on our official support website." This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Edimax | Br-6258N Firmware | <= 1.18 |
| Edimax | Br-6258N | - |
Related Weaknesses (CWE)
References
- https://tzh00203.notion.site/EDIMAX-BR-6258n-v1-18-Open-Redirect-Vulnerability-iExploitThird Party Advisory
- https://vuldb.com/?ctiid.344492Permissions RequiredVDB Entry
- https://vuldb.com/?id.344492Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.742734Third Party AdvisoryVDB Entry
FAQ
What is CVE-2026-1970?
CVE-2026-1970 is a vulnerability with a CVSS score of 3.5 (LOW). A flaw has been found in Edimax BR-6258n up to 1.18. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup. This manipulation of the argument submit-url causes open redir...
How severe is CVE-2026-1970?
CVE-2026-1970 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-1970?
Check the references section above for vendor advisories and patch information. Affected products include: Edimax Br-6258N Firmware, Edimax Br-6258N.