Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.4
CVE-2026-10126: Edimax BR-6478AC: Unsecured Configuration May Cause Remote Attack
CVE-2026-10126
Summary
A security flaw in Edimax BR-6478AC version 1.23 allows an attacker to remotely launch a malicious attack. This is because the device's configuration settings are not properly secured. To protect your network, update to the latest version of Edimax BR-6478AC as soon as possible.
Original title
A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of t...
Original description
A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the argument selSSID results in buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
nvd CVSS2.0
9.0
nvd CVSS3.1
8.8
nvd CVSS4.0
7.4
Vulnerability type
CWE-119
Buffer Overflow
CWE-120
Classic Buffer Overflow
Published: 30 May 2026 · Updated: 1 Jun 2026 · First seen: 30 May 2026