CVE-2026-8775

Edimax BR-6428NS POST Request formL2TPSetup buffer overflow

CVSS 8.7 HIGHEPSS 0.6%CWE-119 CWE-120

A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TPUserName causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Productos afectados

Edimax · BR-6428NS

PoCs públicas encontradas — 1

cve_referencelavender-bicycle-a5a.notion.site/EDIMAX-BR-6428NS-formL2TPSetup-34b53a41781f8046b38bffcc190c5277?source=copy_linkno verificado

⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://lavender-bicycle-a5a.notion.site/EDIMAX-BR-6428NS-formL2TPSetup-34b53a41781f8046b38bffcc190c5277?source=copy_link https://vuldb.com/submit/811530 https://vuldb.com/vuln/364400 https://vuldb.com/vuln/364400/cti