Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.4
CVE-2026-10125: Edimax BR-6478AC 1.23: Remote Code Execution via User Input
CVE-2026-10125
Summary
The Edimax BR-6478AC router has a vulnerability that can allow hackers to execute code remotely. This is a serious issue because it could be exploited by anyone with the right tools, potentially giving them control over the router. To protect yourself, consider updating the router's firmware to the latest version or replacing it with a newer model.
Original title
A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The ...
Original description
A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used.
nvd CVSS2.0
9.0
nvd CVSS3.1
8.8
nvd CVSS4.0
7.4
Vulnerability type
CWE-119
Buffer Overflow
CWE-121
Stack-based Buffer Overflow
Published: 30 May 2026 · Updated: 1 Jun 2026 · First seen: 30 May 2026