High severity8.8NVD Advisory· Published May 31, 2026· Updated Jun 1, 2026
CVE-2026-10165
CVE-2026-10165
Description
A vulnerability was identified in Edimax BR-6478AC 1.23. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack may be performed from remote. The exploit is publicly available and might be used.
Affected products
1Patches
Vulnerability mechanics
References
4News mentions
1- Edimax BR-6478AC: Seven Remote-Code-Execution Flaws Disclosed in 12-Hour BatchVypr Intelligence · May 31, 2026