CVE-2026-12806 | Edimax BR-6478AC V2 1.23 POST Request /goform/formWlSiteSurvey selSSID buffer overflow

A vulnerability has been found in Edimax BR-6478AC V2 1.23 and classified as critical. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. The manipulation of the argument selSSID leads to buffer overflow.

This vulnerability is traded as CVE-2026-12806. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-12806 | Edimax BR-6478AC V2 1.23 POST Request /goform/formWlSiteSurvey selSSID buffer overflow

Post correlati

CVE-2025-0110 | Palo Alto PAN-OS OpenConfig Plugin up to 2.1.1 Management Web Interface os command injection

CVE-2024-25119 | TYPO3 Install Tool information disclosure

CVE-2026-48591 | pragdave earmark up to 1.4.1 lib/earmark/transform.ex cross site scripting

CVE-2024-6935 | formtools.org Form Tools 3.1.1 User Settings Page /admin/clients/ cross site scripting