High severity8.8NVD Advisory· Published May 30, 2026· Updated Jun 1, 2026
CVE-2026-10125
CVE-2026-10125
Description
A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used.
Affected products
1Patches
Vulnerability mechanics
References
4News mentions
1- Edimax BR-6478AC: Seven Remote-Code-Execution Flaws Disclosed in 12-Hour BatchVypr Intelligence · May 31, 2026