CVE-2025-14910
Unknown Unknown - Not Provided
Path Traversal in Edimax BR-6208AC FTP Daemon Allows Remote Exploit

Publication date: 2025-12-19

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handle_retr of the component FTP Daemon Service. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. Edimax confirms this issue: "This product is no longer available in the market and has been discontinued for five years. Consequently, Edimax no longer provides technical support, firmware updates, or security patches for this specific model. However, to ensure the safety of our remaining active users, we acknowledge this report and will take the following mitigation actions: (A) We will issue an official security advisory on our support website. (B) We will strongly advise users to disable the FTP service on this device to mitigate the reported risk, by which the product will still work for common use. (C) We will recommend users upgrade to newer, supported models." This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-19
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-12-19
EPSS Evaluated
2026-06-15
NVD
CVE-2025-14910
EUVD
EUVD-2025-204431
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
edimax br-6208ac 1.02
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

The immediate mitigation recommended by Edimax is to disable the FTP service on the affected Edimax BR-6208AC device. This action will prevent exploitation of the path traversal vulnerability while allowing the device to continue functioning for other purposes. Additionally, users are strongly advised to upgrade to newer, supported models since this product is discontinued and no longer receives security patches or firmware updates. [2]

Executive Summary

CVE-2025-14910 is an Absolute Path Traversal vulnerability in the FTP daemon service of the Edimax BR-6208AC router, specifically in the handle_retr function. This flaw occurs because the device does not properly validate or sanitize user-supplied file paths during file retrieval, allowing authenticated attackers to access arbitrary files on the device's filesystem. This can expose sensitive information such as configuration files and passwords. The vulnerability can be exploited remotely and a public proof-of-concept exploit exists. [1, 2]

Impact Analysis

This vulnerability can impact you by allowing an attacker to remotely access and read arbitrary files on your Edimax BR-6208AC router, potentially exposing sensitive information like configuration files and passwords. This compromises the confidentiality of your device and network data. Since the device is discontinued and no longer supported, no patches are available, increasing the risk if the FTP service remains enabled. [1, 2]

Detection Guidance

This vulnerability affects the FTP daemon service of the Edimax BR-6208AC router, specifically the handle_retr function. Detection can focus on identifying if the device is running the vulnerable firmware version 1.02 and if the FTP service is enabled. Network scanning tools can be used to detect the presence of an FTP service on the device. Additionally, monitoring FTP traffic for unusual file retrieval requests that attempt path traversal sequences (e.g., '../') may help detect exploitation attempts. Specific commands to check the FTP service status on the device are not provided in the resources. However, on a network, you can use commands like 'nmap -p 21 <device_ip>' to check if FTP port 21 is open, and packet capture tools to analyze FTP commands for suspicious path traversal patterns. [1, 2]

Compliance Impact

This vulnerability allows unauthorized access to sensitive files such as configuration files and passwords, which could lead to exposure of personal or protected data. Such exposure may result in non-compliance with data protection regulations like GDPR and HIPAA that require safeguarding sensitive information. However, the affected product is discontinued and no longer supported, and the vendor recommends disabling the FTP service or upgrading to newer models to mitigate the risk. Therefore, continued use of the vulnerable device without mitigation could pose compliance risks. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-14910. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart