CVE-2026-8775

Name of the Vulnerable Software and Affected Versions Edimax BR-6428NS version 1.10

Description A buffer overflow exists in the POST Request Handler component. This issue occurs within the formL2TPSetup() function located in the '/goform/formL2TPSetup' endpoint when processing the L2TPUserName argument. This flaw allows a remote attacker to initiate an attack.

Recommendations As a temporary workaround, restrict access to the '/goform/formL2TPSetup' endpoint or avoid using the L2TPUserName parameter until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.