Description
A security vulnerability has been detected in Edimax BR-6478AC 1.23. This vulnerability affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. The manipulation of the argument L2TPUserName leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-05-25
Score: 8.7 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw is a classic buffer overflow (CWE-119/CWE-120): the formL2TPSetup handler copies the L2TPUserName value from a POST request to /goform/formL2TPSetup without checking its length against the destination buffer. Depending on what the overflow overwrites, the result ranges from a crash of the router's web management process (denial of service) to execution of attacker-controlled code in that process, which on a device of this class amounts to full control of the router. The description states that the attack can be initiated remotely and that an exploit has been publicly disclosed while the vendor has not responded, which is what makes the flaw serious in practice.

Affected Systems

The affected product is the Edimax BR-6478AC router, running firmware version 1.23.

Risk and Exploitability

The CVSS 4.0 score of 8.7 indicates high severity (the accompanying v2 and v3.x vectors score it 9.0 and 8.8). The EPSS score is currently below 1%, and the vulnerability is not listed in the CISA KEV catalog. The attack vector is a crafted POST request to /goform/formL2TPSetup carrying an over-long L2TPUserName value. Note that every published vector requires low privileges (Au:S in CVSS 2.0, PR:L in CVSS 3.x and 4.0), so the attacker needs a valid login to the router's web interface; "remote" means network-reachable, not unauthenticated. On a consumer router the management interface is normally reachable only from the LAN unless remote (WAN-side) management has been enabled, which bounds the exposure. Because the flaw is an unchecked copy into a fixed-size buffer, a working exploit can range from a denial of service to arbitrary code execution on the device; the temporal metrics (E:P / E:POC) record that a proof-of-concept exploit is public.

Generated by OpenCVE AI on May 25, 2026 at 10:24 UTC.
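
The following C snippet is an illustration added to this page, not code from the advisory, from VulDB or from the Edimax firmware (which is not reproduced here). It shows the CWE-120 pattern the analysis above describes, a POST form parameter copied into a fixed-size buffer with no length check, next to a hardened handler that rejects over-long values before copying. Only the parameter name L2TPUserName comes from the advisory; the companion parameter names in the constructed request body, the 32-byte buffer size, the form parser and all function names are assumptions made for the example.

```c
/* Added illustration, not Edimax firmware code. The buffer size, parser and
 * function names are assumptions; only "L2TPUserName" is from the advisory. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define USERNAME_MAX 32   /* assumed size of the handler's stack buffer */

/* Find name=value in an application/x-www-form-urlencoded body. Returns a
 * pointer to the raw value and its length (up to '&' or end of body), or NULL
 * if the parameter is absent. Percent-decoding is omitted for brevity. */
static const char *form_get(const char *body, const char *name, size_t *vlen)
{
    size_t nlen = strlen(name);
    const char *p = body;

    while (p && *p) {
        if (strncmp(p, name, nlen) == 0 && p[nlen] == '=') {
            const char *v = p + nlen + 1;
            const char *end = strchr(v, '&');
            *vlen = end ? (size_t)(end - v) : strlen(v);
            return v;
        }
        p = strchr(p, '&');       /* skip to the next parameter */
        if (p)
            p++;
    }
    return NULL;
}

/* VULNERABLE pattern (CWE-120): the value length is never compared with the
 * destination size, so an L2TPUserName longer than USERNAME_MAX-1 bytes runs
 * past the buffer into adjacent stack data. Shown for comparison only; never
 * call it with untrusted input. Returns -1 if the parameter is missing. */
int handle_l2tp_setup_vulnerable(const char *body)
{
    char username[USERNAME_MAX];
    size_t vlen;
    const char *v = form_get(body, "L2TPUserName", &vlen);

    if (!v)
        return -1;
    memcpy(username, v, vlen);    /* unchecked copy: the bug */
    username[vlen] = '\0';
    return 0;
}

/* Hardened handler: check the length against the destination before copying.
 * Returns 0 on success, -1 if the parameter is missing, -2 if it is too long. */
int handle_l2tp_setup_hardened(const char *body, char *out, size_t outsz)
{
    size_t vlen;
    const char *v = form_get(body, "L2TPUserName", &vlen);

    if (!v)
        return -1;
    if (vlen >= outsz)            /* must leave room for the terminator */
        return -2;
    memcpy(out, v, vlen);
    out[vlen] = '\0';
    return 0;
}

/* Run the hardened handler on a body using a USERNAME_MAX-sized buffer. */
int check_l2tp_body(const char *body)
{
    char username[USERNAME_MAX];
    return handle_l2tp_setup_hardened(body, username, sizeof username);
}

/* Build a constructed POST body whose L2TPUserName is n bytes of 'A' between
 * two other (assumed) parameters and return the hardened handler's verdict. */
int probe_username_len(size_t n)
{
    static const char prefix[] = "L2TPServerIP=192.0.2.1&L2TPUserName=";
    static const char suffix[] = "&L2TPPassword=secret";
    size_t plen = sizeof prefix - 1, slen = sizeof suffix - 1;
    char *body = malloc(plen + n + slen + 1);
    int rc;

    if (!body)
        return -3;
    memcpy(body, prefix, plen);
    memset(body + plen, 'A', n);
    memcpy(body + plen + n, suffix, slen + 1);   /* copies the NUL too */
    rc = check_l2tp_body(body);
    free(body);
    return rc;
}

int main(void)
{
    printf("31-byte L2TPUserName: rc=%d\n", probe_username_len(31));     /* 0 */
    printf("32-byte L2TPUserName: rc=%d\n", probe_username_len(32));     /* -2 */
    printf("4096-byte L2TPUserName: rc=%d\n", probe_username_len(4096)); /* -2 */
    return 0;
}
```

The same length test that makes the hardened handler safe is also the check a reverse proxy or IDS rule in front of the management interface would apply: any POST to /goform/formL2TPSetup whose L2TPUserName exceeds a sane maximum is either a misconfiguration or an exploitation attempt.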

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the router to a firmware version that fixes the buffer overflow if and when Edimax publishes one; at the time of writing no vendor fix or workaround is listed.
  • Limit who can reach the web management interface at all: disable remote (WAN-side) management, and restrict LAN-side access to the administrative UI to trusted hosts or a management VLAN. Because every published CVSS vector requires a low-privileged login (PR:L / Au:S), also replace default or shared administrator credentials so that an attacker cannot obtain the session needed to POST to /goform/formL2TPSetup.
  • Disabling the L2TP WAN connection type reduces reliance on the affected feature, but do not assume it removes the vulnerable code path: /goform/formL2TPSetup is a form endpoint of the embedded web server and may remain reachable whether or not L2TP is in use. Treat exposure of the management interface, not the L2TP service, as the attack surface to close until a patch is available.

Generated by OpenCVE AI on May 25, 2026 at 10:24 UTC.


Advisories

No advisories yet.

History

Mon, 25 May 2026 10:45:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Edimax br-6478ac
Vendors & Products  |                | Edimax br-6478ac

Mon, 25 May 2026 09:45:00 +0000

Type                | Values Removed | Values Added
Description         |                | A security vulnerability has been detected in Edimax BR-6478AC 1.23. This vulnerability affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. The manipulation of the argument L2TPUserName leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title               |                | Edimax BR-6478AC POST Request formL2TPSetup buffer overflow
First Time appeared |                | Edimax
                    |                | Edimax br-6478ac Firmware
Weaknesses          |                | CWE-119
                    |                | CWE-120
CPEs                |                | cpe:2.3:o:edimax:br-6478ac_firmware:*:*:*:*:*:*:*:*
Vendors & Products  |                | Edimax
                    |                | Edimax br-6478ac Firmware
References          |                |
Metrics             |                | cvssV2_0 {'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}
                    |                | cvssV3_0 {'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
                    |                | cvssV3_1 {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
                    |                | cvssV4_0 {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-25T08:45:07.806Z

Reserved: 2026-05-24T07:26:01.611Z

Link: CVE-2026-9443

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-25T10:30:22Z

Weaknesses