Sign-up

ID

VAR-202602-0421


CVE

CVE-2026-1972


DESCRIPTION

A vulnerability was found in Edimax BR-6208AC 2_1.02. The affected element is the function auth_check_userpass2. Performing a manipulation of the argument Username/Password results in use of default credentials. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor confirms that the affected product is end-of-life. They confirm that they "will issue a consolidated Security Advisory on our official support website." This vulnerability only affects products that are no longer supported by the maintainer.

Trust: 1.0

sources: NVD: CVE-2026-1972

AFFECTED PRODUCTS

vendor:edimaxmodel:br-6208acscope:lteversion:1.02

Trust: 1.0

sources: NVD: CVE-2026-1972

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2026-1972
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2026-1972
value: HIGH

Trust: 1.0

cna@vuldb.com: CVE-2026-1972
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

cna@vuldb.com: CVE-2026-1972
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2026-1972
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: NVD: CVE-2026-1972 // NVD: CVE-2026-1972

PROBLEMTYPE DATA

problemtype:CWE-1392

Trust: 1.0

sources: NVD: CVE-2026-1972

EXTERNAL IDS

db:VULDBid:344494

Trust: 1.0

db:NVDid:CVE-2026-1972

Trust: 1.0

sources: NVD: CVE-2026-1972

REFERENCES

url:https://tzh00203.notion.site/edimax-br-6208ac-v2_1-02-weak-password-authentication-vulnerability-in-auth_check_userpass2-functi-2f0b5c52018a801c9645dd5261717901?source=copy_link

Trust: 1.0

url:https://vuldb.com/?ctiid.344494

Trust: 1.0

url:https://vuldb.com/?id.344494

Trust: 1.0

url:https://vuldb.com/?submit.744032

Trust: 1.0

sources: NVD: CVE-2026-1972

SOURCES

db:NVDid:CVE-2026-1972

LAST UPDATE DATE

2026-02-20T23:26:35.475000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2026-1972date:2026-02-20T15:20:01.763

SOURCES RELEASE DATE

db:NVDid:CVE-2026-1972date:2026-02-06T02:16:04.633