Edimax BR-6288ACL wiz_WISP24gmanual.asp wiz_WISP24gmanual cross site scripting_CVE-2026-1971

4.8 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in Edimax BR-6288ACL up to 1.12. Impacted is the function wiz_WISP24gmanual of the file wiz_WISP24gmanual.asp. Such manipulation of the argument manualssid leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor confirms that the affected product is end-of-life. They confirm that they "will issue a consolidated Security Advisory on our official support website." This vulnerability only affects products that are no longer supported by the maintainer.

Basic Information

ID CVE-2026-1971

Source VulDB

Published Feb 6, 2026 at 00:02

Affected Product

Vendor Edimax

Product BR-6288ACL

Version 1.0

Affected Versions Edimax BR-6288ACL 1.0
Edimax BR-6288ACL 1.1
Edimax BR-6288ACL 1.2
Edimax BR-6288ACL 1.3
Edimax BR-6288ACL 1.4
Edimax BR-6288ACL 1.5
Edimax BR-6288ACL 1.6
Edimax BR-6288ACL 1.7
Edimax BR-6288ACL 1.8
Edimax BR-6288ACL 1.9
Edimax BR-6288ACL 1.10
Edimax BR-6288ACL 1.11
Edimax BR-6288ACL 1.12

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in Edimax BR-6288ACL up to 1.12. Impacted is the function wiz_WISP24gmanual of the file wiz_WISP24gmanual.asp. Such manipulation of the argument manualssid leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor confirms that the affected product is end-of-life. They confirm that they \"will issue a consolidated Security Advisory on our official support website.\" This vulnerability only affects products that are no longer supported by the maintainer.",
    "published": "2026-02-06T00:02:07.694Z",
    "modified": "2026-02-06T00:02:07.694Z",
    "type": "cve",
    "title": "Edimax BR-6288ACL wiz_WISP24gmanual.asp wiz_WISP24gmanual cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.344493\nhttps://vuldb.com/?ctiid.344493\nhttps://vuldb.com/?submit.743318\nhttps://tzh00203.notion.site/EDIMAX-BR6288ACL-v1-12-XSS-via-wiz_WISP24gmanual-asp-Configuration-2eeb5c52018a802e8ed9f6d000f7a6aa?source=copy_link",
    "id": "CVE-2026-1971",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "Edimax BR-6288ACL 1.0\nEdimax BR-6288ACL 1.1\nEdimax BR-6288ACL 1.2\nEdimax BR-6288ACL 1.3\nEdimax BR-6288ACL 1.4\nEdimax BR-6288ACL 1.5\nEdimax BR-6288ACL 1.6\nEdimax BR-6288ACL 1.7\nEdimax BR-6288ACL 1.8\nEdimax BR-6288ACL 1.9\nEdimax BR-6288ACL 1.10\nEdimax BR-6288ACL 1.11\nEdimax BR-6288ACL 1.12",
    "sourceHref": "",
    "cvss": {
        "score": 4.8,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "BR-6288ACL",
    "version": "1.0",
    "vendor": "Edimax",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}