CVE-2026-9399

Name of the Vulnerable Software and Affected Versions Edimax BR-6675nD version 1.12

Description A buffer overflow can be triggered remotely via the POST Request Handler component. The issue exists within the formsetPPPoE() function located in the '/goform/formsetPPPoE' endpoint when the pppUserName argument is manipulated. A buffer overflow occurs when a program writes more data to a block of memory, or buffer, than it is allocated to hold, potentially leading to crashes or arbitrary code execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, restrict access to the '/goform/formsetPPPoE' endpoint or avoid using the pppUserName parameter until a resolution is provided.