CVE-2026-9399
HighSummary
A vulnerability was detected in Edimax BR-6675nD 1.12, affecting the function formsetPPPoE in the file /goform/formsetPPPoE. Manipulating the argument pppUserName results in buffer overflow, allowing for remote attack.
Risk Assessment
This vulnerability poses a risk of remote attack, which could lead to unauthorized access to the device and potential data loss.
Recommendation
It is recommended to update the device firmware to the latest version to mitigate this vulnerability and to monitor logs for potential attack attempts.
Original NVD description (English source)
A vulnerability was detected in Edimax BR-6675nD 1.12. This vulnerability affects the function formsetPPPoE of the file /goform/formsetPPPoE of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in buffer overflow. It is possible to initiate the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

