CVE-2025-14092 – This CVE describes an OS command injection vuln... (How to Fix)

Q: What is the severity of CVE-2025-14092?

CVE-2025-14092 has a CVSS score of 4.7 (MEDIUM). This CVE describes an OS command injection vulnerability in Edimax BR-6478AC V3 routers. Attackers can remotely execute arbitrary commands by manipulating the 'host' parameter in the diagnostic function. All users of the affected router version are vulnerable to this attack.

📋 TL;DR

This CVE describes an OS command injection vulnerability in Edimax BR-6478AC V3 routers. Attackers can remotely execute arbitrary commands by manipulating the 'host' parameter in the diagnostic function. All users of the affected router version are vulnerable to this attack.

💻 Affected Systems

Products:

Edimax BR-6478AC V3

Versions: 1.0.15

Operating Systems: Embedded router firmware

Default Config Vulnerable: ⚠️ Yes

Notes: All devices running this firmware version are vulnerable by default. No special configuration required.

📦 What is this software?

Br 6478ac V3 Firmware by Edimax

View all CVEs affecting Br 6478ac V3 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full router compromise allowing attacker to install persistent backdoors, intercept all network traffic, pivot to internal networks, and brick the device.

🟠

Likely Case

Router takeover enabling network traffic monitoring, DNS hijacking, credential theft, and launching attacks against internal devices.

🟢

If Mitigated

Limited impact if router is behind firewall with restricted WAN access, though internal attackers could still exploit.

🌐 Internet-Facing: HIGH - Router is typically internet-facing and exploit requires no authentication.

🏢 Internal Only: HIGH - Even if not internet-facing, any internal attacker can exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Public exploit code available on GitHub. Attack requires no authentication and uses simple command injection techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: Yes

Instructions:

No official patch available. Vendor has not responded to disclosure. Consider replacing router if no firmware update becomes available.

🔧 Temporary Workarounds

Disable remote administration

all

Turn off remote management/administration features to prevent external exploitation

Access router admin panel → Advanced Settings → Remote Management → Disable

Network segmentation

all

Isolate router management interface to separate VLAN

🧯 If You Can't Patch

Replace router with different model from vendor with better security track record
Place router behind dedicated firewall with strict inbound/outbound rules

🔍 How to Verify

Check if Vulnerable:

Check router firmware version in admin panel. If version is 1.0.15, device is vulnerable.

Check Version:

Login to router admin panel and check System Status or Firmware Information page

Verify Fix Applied:

No fix available to verify. Monitor vendor website for firmware updates.

📡 Detection & Monitoring

Log Indicators:

Unusual POST requests to /boafrm/formDebugDiagnosticRun
Suspicious command strings in diagnostic logs
Multiple failed diagnostic attempts

Network Indicators:

Unusual outbound connections from router
DNS queries to suspicious domains from router
Unexpected SSH/Telnet connections originating from router

SIEM Query:

source="router_logs" AND (uri="/boafrm/formDebugDiagnosticRun" OR message="diagnostic" AND (message="|" OR message="$" OR message="`"))

📊 Metadata

CVE ID: CVE-2025-14092

CVSS v3 Score: 4.7 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-77

EPSS Score: 0.33% exploit probability (55.7th percentile)

Published: December 5, 2025

Last Updated: December 10, 2025

🔗 References

https://github.com/Kriswu1337/CVE/blob/main/EDIMAX/1/1.md Exploit,Third Party Advisory
https://vuldb.com/?ctiid.334482 Permissions Required,VDB Entry
https://vuldb.com/?id.334482 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.696632 Third Party Advisory,VDB Entry

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-14092, you might also want to check these: