CVE Catalog

CVE-2026-9380

High
Published: Translated: NVD NIST

Summary

A vulnerability has been detected in Edimax BR-6675nD version 1.12 affecting the formL2TPSetup function in the /goform/formL2TPSetup file. Manipulation of the L2TPUserName argument leads to buffer overflow, which can be exploited remotely.

Risk Assessment

An attacker can remotely exploit this vulnerability, posing a significant threat to the security of the device and the network it is installed in.

Recommendation

It is recommended to update the device firmware to the latest version or implement appropriate security measures to mitigate the risk of an attack.

Original NVD description (English source)

A security vulnerability has been detected in Edimax BR-6675nD 1.12. Affected is the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation of the argument L2TPUserName leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS