CVE-2026-8775 | Edimax BR-6428NS 1.10 POST Request /goform/formL2TPSetup L2TPUserName buffer overflow

A vulnerability was found in Edimax BR-6428NS 1.10. It has been rated as critical. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TPUserName causes buffer overflow.

The identification of this vulnerability is CVE-2026-8775. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-8775 | Edimax BR-6428NS 1.10 POST Request /goform/formL2TPSetup L2TPUserName buffer overflow

Post correlati

CVE-2025-14566 | kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464 reg.php USN sql injection

CVE-2025-14594 | GitLab Community Edition/Enterprise Edition up to 18.6.5/18.7.3/18.8.3 API authorization

CVE-2024-32841 | Ivanti EPM 2024/up to 2022 SU5 sql injection

CVE-2025-33132 | IBM DB2 High Performance Unload up to 6.5.0.0 IF1 sizeof() on a pointer type