CVE-2026-9294 | Edimax BR-6428NS 1.10 POST Request formWanTcpipSetup pppUserName buffer overflow

A vulnerability categorized as critical has been discovered in Edimax BR-6428NS 1.10. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName leads to buffer overflow.

This vulnerability is referenced as CVE-2026-9294. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More