High severity8.8NVD Advisory· Published May 18, 2026· Updated May 18, 2026

CVE-2026-8775

Description

A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TPUserName causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected products

Edimax/BR-6428nS V3llm-fuzzy
Range: = 1.10

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lavender-bicycle-a5a.notion.site/EDIMAX-BR-6428NS-formL2TPSetup-34b53a41781f8046b38bffcc190c5277nvd
vuldb.com/submit/811530nvd
vuldb.com/vuln/364400nvd
vuldb.com/vuln/364400/ctinvd

News mentions

No linked articles in our index yet.

cvss	0.572
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000