CVE-2026-7684

Summary

A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation of the argument pptpDfGateway  leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
EdimaxBR-6428nC1.0affected
EdimaxBR-6428nC1.1affected
EdimaxBR-6428nC1.2affected
EdimaxBR-6428nC1.3affected
EdimaxBR-6428nC1.4affected
EdimaxBR-6428nC1.5affected
EdimaxBR-6428nC1.6affected
EdimaxBR-6428nC1.7affected
EdimaxBR-6428nC1.8affected
EdimaxBR-6428nC1.9affected
EdimaxBR-6428nC1.10affected
EdimaxBR-6428nC1.11affected
EdimaxBR-6428nC1.12affected
EdimaxBR-6428nC1.13affected
EdimaxBR-6428nC1.14affected
EdimaxBR-6428nC1.15affected
EdimaxBR-6428nC1.16affected

Weaknesses

  • CWE-120: Buffer Overflow
  • CWE-119: Memory Corruption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References