CVE-2025-14910
Path Traversal in Edimax BR-6208AC FTP Daemon Allows Remote Exploit
Publication date: 2025-12-19
Last updated on: 2026-04-29
Assigner: VulDB
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| edimax | br-6208ac | 1.02 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation recommended by Edimax is to disable the FTP service on the affected Edimax BR-6208AC device. This action will prevent exploitation of the path traversal vulnerability while allowing the device to continue functioning for other purposes. Additionally, users are strongly advised to upgrade to newer, supported models since this product is discontinued and no longer receives security patches or firmware updates. [2]
Can you explain this vulnerability to me?
CVE-2025-14910 is an Absolute Path Traversal vulnerability in the FTP daemon service of the Edimax BR-6208AC router, specifically in the handle_retr function. This flaw occurs because the device does not properly validate or sanitize user-supplied file paths during file retrieval, allowing authenticated attackers to access arbitrary files on the device's filesystem. This can expose sensitive information such as configuration files and passwords. The vulnerability can be exploited remotely and a public proof-of-concept exploit exists. [1, 2]
How can this vulnerability impact me?
This vulnerability can impact you by allowing an attacker to remotely access and read arbitrary files on your Edimax BR-6208AC router, potentially exposing sensitive information like configuration files and passwords. This compromises the confidentiality of your device and network data. Since the device is discontinued and no longer supported, no patches are available, increasing the risk if the FTP service remains enabled. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability affects the FTP daemon service of the Edimax BR-6208AC router, specifically the handle_retr function. Detection can focus on two questions: whether the device is running the vulnerable firmware version 1.02, and whether the FTP service is enabled. Specific commands to check the FTP service status on the device itself are not provided in the resources, but from the network you can run 'nmap -p 21 -sV <device_ip>' to check whether an FTP service is listening on port 21 (widen the port range if the service may have been moved off the default port). Monitoring FTP traffic for file retrieval requests that attempt path traversal can reveal exploitation attempts; because the flaw is described as an absolute path traversal, look for RETR arguments that are absolute device paths (such as '/etc/passwd') as well as '../' sequences, since a signature for '../' alone would miss the absolute form. The FTP command channel is plaintext, so packet capture tools can be used to inspect RETR arguments directly. [1, 2]
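The following Python script is an added illustration and is not code from the Edimax firmware, from the page's sources, or from the vulnerability report. It models the check a RETR handler should perform (resolve the client-supplied argument and refuse anything that lands outside the FTP root, whether via '../' chains or a bare absolute path), and reuses that same resolution to scan a constructed command-channel log for traversal attempts. FTP_ROOT, the log line format and the sample commands are assumptions made for the example; the real daemon's root directory and logging are not stated on this page.

```python
"""Model of an FTP RETR path check plus a detector for traversal attempts.

Added illustration, not Edimax firmware code. FTP_ROOT, the log format and
the sample commands below are constructed for this example.
"""
import posixpath
import re
from typing import List, Optional, Tuple

# Assumed FTP root on the device; the page does not state the real one.
FTP_ROOT = "/mnt/usb"

# Constructed log format: "<timestamp> <client_ip> <COMMAND> <argument>"
FTP_LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<ip>\S+)\s+(?P<cmd>[A-Za-z]{3,4})\s*(?P<arg>.*)$"
)


def target_as_trusted(root: str, cwd: str, arg: str) -> str:
    """Path a handler that trusts the client argument would open.

    An absolute argument is used as a device path; a relative one is joined
    to the session's working directory. normpath collapses '.' and '..'
    lexically, mirroring how the kernel resolves them on open().
    """
    base = arg if arg.startswith("/") else posixpath.join(cwd, arg)
    return posixpath.normpath(base)


def guarded_target(root: str, cwd: str, arg: str) -> Optional[str]:
    """Hardened check: same resolution, but refuse anything outside root.

    The prefix test uses root + '/' so that '/mnt/usb2/x' is not mistaken
    for a path under '/mnt/usb'.
    """
    root = posixpath.normpath(root)
    resolved = target_as_trusted(root, cwd, arg)
    if resolved == root or resolved.startswith(root + "/"):
        return resolved
    return None


def scan_ftp_log(lines, root: str = FTP_ROOT,
                 cwd: str = FTP_ROOT) -> List[Tuple[str, str, str]]:
    """Flag RETR commands whose argument would escape the FTP root.

    Returns (client_ip, raw_argument, resolved_device_path) per finding.
    Both '../' chains and bare absolute paths are caught; a signature for
    '../' alone would miss the absolute form.
    """
    findings = []
    for line in lines:
        m = FTP_LOG_RE.match(line.strip())
        if not m or m["cmd"].upper() != "RETR":
            continue
        arg = m["arg"].strip()
        if guarded_target(root, cwd, arg) is None:
            findings.append((m["ip"], arg, target_as_trusted(root, cwd, arg)))
    return findings


# Constructed sample of a plaintext FTP command channel (not a real capture).
SAMPLE_LOG = [
    "2025-12-19T10:00:01Z 192.0.2.10 USER admin",
    "2025-12-19T10:00:02Z 192.0.2.10 PASS ********",
    "2025-12-19T10:00:03Z 192.0.2.10 RETR photos/holiday.jpg",
    "2025-12-19T10:00:04Z 192.0.2.10 RETR ../../etc/passwd",
    "2025-12-19T10:00:05Z 192.0.2.10 RETR /etc/shadow",
    "2025-12-19T10:00:06Z 192.0.2.10 RETR /mnt/usb/docs/notes.txt",
    "2025-12-19T10:00:07Z 192.0.2.10 RETR /mnt/usb2/secret",
]

if __name__ == "__main__":
    for ip, arg, path in scan_ftp_log(SAMPLE_LOG):
        print(f"traversal attempt from {ip}: RETR {arg!r} -> {path}")
```

The check is purely lexical so it runs offline over a log; a daemon applying it to a live request should additionally resolve symlinks (for example with os.path.realpath) before the prefix comparison, since a symlink under the root can still point outside it.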
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows unauthorized access to sensitive files such as configuration files and passwords, which could lead to exposure of personal or protected data. Such exposure may result in non-compliance with data protection regulations like GDPR and HIPAA that require safeguarding sensitive information. However, the affected product is discontinued and no longer supported, and the vendor recommends disabling the FTP service or upgrading to newer models to mitigate the risk. Therefore, continued use of the vulnerable device without mitigation could pose compliance risks. [1, 2]