CVE-2025-14092: OS Command Injection in Edimax BR-6478AC V3
A security vulnerability has been detected in Edimax BR-6478AC V3 1.0.15. This issue affects the function sub_416898 of the file /boafrm/formDebugDiagnosticRun. The manipulation of the argument host leads to OS command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2025-14092 is an OS command injection vulnerability identified in the Edimax BR-6478AC V3 router, specifically in firmware version 1.0.15. The vulnerability resides in the function sub_416898 within the /boafrm/formDebugDiagnosticRun endpoint. This function improperly sanitizes the 'host' parameter, allowing an attacker to inject arbitrary operating system commands remotely. The flaw can be exploited over the network without user interaction; however, it requires the attacker to have high-level privileges on the device, which may limit the attack surface. The vulnerability was publicly disclosed on December 5, 2025, with no vendor response or patch available at the time of disclosure. The CVSS v4.0 base score is 5.1, reflecting a medium severity level due to the requirement for high privileges and limited scope of impact. The vulnerability can lead to unauthorized command execution, potentially compromising device integrity, leaking sensitive information, or disrupting device availability. The lack of vendor response and patch availability increases the risk for organizations relying on this router model. While no known exploits are currently active in the wild, the public disclosure may prompt attackers to develop and deploy exploits targeting this vulnerability.
Potential Impact
The impact of CVE-2025-14092 is significant for organizations using the Edimax BR-6478AC V3 router with firmware version 1.0.15. Successful exploitation allows attackers to execute arbitrary OS commands remotely, potentially leading to full device compromise. This can result in unauthorized access to network traffic, manipulation or disruption of network services, and the introduction of persistent backdoors. The confidentiality of sensitive data passing through the router may be compromised, and the integrity of network configurations can be altered maliciously. Availability may also be affected if attackers disrupt router operations or cause denial of service. Given the router’s role as a network gateway, exploitation could serve as a foothold for lateral movement within an organization’s internal network. The requirement for high privileges reduces the likelihood of widespread exploitation but does not eliminate risk, especially in environments where administrative access is weakly protected or compromised. The absence of a vendor patch and the public disclosure increase the urgency for organizations to implement mitigations to prevent exploitation.
Mitigation Recommendations
To mitigate CVE-2025-14092, organizations should first verify if they are using the Edimax BR-6478AC V3 router with firmware version 1.0.15. Since no official patch is available, immediate steps include restricting access to the router’s management interface by limiting it to trusted internal networks and disabling remote management features if enabled. Implement strong authentication controls and ensure administrative credentials are complex and changed regularly. Network segmentation should be employed to isolate the router from critical systems and reduce the impact of potential compromise. Monitoring network traffic and device logs for unusual activity related to the /boafrm/formDebugDiagnosticRun endpoint or unexpected command execution attempts is recommended. If possible, consider replacing affected devices with models from vendors that provide timely security updates. Additionally, organizations should maintain up-to-date inventories of network devices and apply security best practices for IoT and network infrastructure devices. Engage in threat intelligence sharing to stay informed about any emerging exploits targeting this vulnerability.
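One way to implement the monitoring recommendation above, as an added example that is not part of the original advisory or any vendor tooling. It assumes a proxy or sensor in front of the management interface records the client address and URL-encoded form body in the constructed line format shown; the management subnet and the host allow-list pattern are also assumptions.

```python
import ipaddress
import re
from urllib.parse import parse_qs

ENDPOINT = "/boafrm/formDebugDiagnosticRun"      # path named in the advisory
MGMT_NET = ipaddress.ip_network("192.0.2.0/24")  # assumed trusted management subnet
# Assumption: a legitimate diagnostic target is a plain hostname or IPv4 literal.
SAFE_HOST = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9.-]{0,252}[A-Za-z0-9])?")

# Constructed sample lines: "<time> <client> <method> <path> <urlencoded body>"
SAMPLE_LOG = """\
2025-12-06T10:02:11Z 192.0.2.15 POST /boafrm/formDebugDiagnosticRun host=example.test
2025-12-06T10:05:40Z 198.51.100.7 POST /boafrm/formDebugDiagnosticRun host=192.0.2.1%3Bx
2025-12-06T10:06:02Z 192.0.2.15 GET / -
2025-12-06T10:07:13Z 192.0.2.15 POST /boafrm/formDebugDiagnosticRun host=example.test%7Cx
"""

def in_mgmt_net(client):
    """True when the client address parses and lies inside the management subnet."""
    try:
        return ipaddress.ip_address(client) in MGMT_NET
    except ValueError:
        return False

def audit(log_text):
    """Return (time, client, reasons) for every suspicious request to ENDPOINT."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split(" ", 4)
        if len(parts) < 4:
            continue
        ts, client, _method, target = parts[:4]
        path, _, query = target.partition("?")
        if path != ENDPOINT:
            continue
        body = parts[4] if len(parts) == 5 else ""
        # Form fields may arrive in the query string or the body; decode both.
        fields = parse_qs(query + "&" + body, keep_blank_values=True)
        reasons = []
        if not in_mgmt_net(client):
            reasons.append("source-outside-mgmt-net")
        # Allow-list check on the decoded value: anything that is not a bare
        # hostname/IP (spaces, separators, quotes, ...) is reported.
        if any(not SAFE_HOST.fullmatch(h) for h in fields.get("host", [])):
            reasons.append("host-not-allowlisted")
        if reasons:
            findings.append((ts, client, reasons))
    return findings
```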
Affected Countries
United States, Germany, United Kingdom, Japan, South Korea, Taiwan, Australia, Canada, France, Netherlands
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2025-12-05T09:03:45.931Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69330517f88dbe026cf63b56
Added to database: 12/5/2025, 4:15:19 PM
Last enriched: 2/24/2026, 10:49:17 PM
Last updated: 3/22/2026, 8:49:14 PM