CVE-2026-1971

LOW 2.4

Edimax BR-6288ACL wiz_WISP24gmanual.asp wiz_WISP24gmanual cross site scripting

CVSS Score

2.4

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability has been found in Edimax BR-6288ACL up to 1.12. Impacted is the function wiz_WISP24gmanual of the file wiz_WISP24gmanual.asp. Such manipulation of the argument manualssid leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor confirms that the affected product is end-of-life. They confirm that they "will issue a consolidated Security Advisory on our official support website." This vulnerability only affects products that are no longer supported by the maintainer.

CWE	CWE-79 CWE-94
Vendor	edimax
Product	br-6288acl
Published	Feb 6, 2026
Last Updated	Feb 23, 2026

Stay Ahead of the Next One

Get instant alerts for edimax br-6288acl

Be the first to know when new low vulnerabilities affecting edimax br-6288acl are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Affected Versions

Edimax / BR-6288ACL

1.0 1.1 1.2 1.3 1.4 1.5 1.6 1.7 1.8 1.9 1.10 1.11 1.12

References

NVD ↗ CVE.org ↗ EPSS Data ↗

vuldb.com: https://vuldb.com/?id.344493 vuldb.com: https://vuldb.com/?ctiid.344493 vuldb.com: https://vuldb.com/?submit.743318 tzh00203.notion.site: https://tzh00203.notion.site/EDIMAX-BR6288ACL-v1-12-XSS-via-wiz_WISP24gmanual-asp-Configuration-2eeb5c52018a802e8ed9f6d000f7a6aa?source=copy_link

Credits

🔍 tian (VulDB User)