Skip to main content

Edimax BR-6428nC CVE-2026-7684

| EUVDEUVD-2026-26822 HIGH
Classic Buffer Overflow (CWE-120)
2026-05-03 VulDB
7.4
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.4 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

6
Analysis Generated
May 03, 2026 - 07:40 vuln.today
CVSS changed
May 03, 2026 - 07:22 NVD
8.8 (HIGH) 7.4 (HIGH)
PoC Detected
May 03, 2026 - 07:16 vuln.today
Public exploit code
EUVD ID Assigned
May 03, 2026 - 07:15 euvd
EUVD-2026-26822
Analysis Generated
May 03, 2026 - 07:15 vuln.today
CVE Published
May 03, 2026 - 06:45 nvd
HIGH 7.4

DescriptionCVE.org

A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation of the argument pptpDfGateway  leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Buffer overflow in Edimax BR-6428nC router firmware (version 1.16 and earlier) allows authenticated remote attackers to execute arbitrary code via crafted pptpDfGateway parameter in the /goform/setWAN endpoint. A public proof-of-concept exploit exists demonstrating stack overflow exploitation. EPSS data not available, but the combination of remote attack vector, low complexity, and published exploit code indicates elevated real-world risk for exposed devices with default credentials.

Technical ContextAI

The vulnerability exists in the web management interface of the Edimax BR-6428nC wireless router, specifically affecting the setWAN configuration endpoint used for WAN/Internet connection settings. The pptpDfGateway parameter, intended to accept PPTP default gateway values, lacks proper input validation and boundary checking, allowing an attacker to overflow a stack-based buffer (CWE-120). This is a classic stack-based buffer overflow in embedded device firmware, where constrained memory environments and legacy C code often lack modern memory safety protections like stack canaries or ASLR. The CPE identifier cpe:2.3:a:edimax:br-6428nc:*:*:*:*:*:*:*:* confirms the affected product family, with version 1.16 explicitly mentioned as vulnerable.

RemediationAI

No vendor-released patch identified at time of analysis - Edimax did not respond to vulnerability disclosure. Organizations using BR-6428nC routers should implement defense-in-depth controls: (1) Disable remote/WAN-side administration completely and restrict web interface access to trusted LAN segments only via firewall rules or router ACLs, which prevents remote exploitation while maintaining local management capability but requires physical or VPN access for administration. (2) Change default administrative credentials to complex unique passwords (16+ characters) and enable account lockout if supported, reducing credential-based attack surface but not eliminating authenticated exploit risk. (3) Place affected routers behind a hardened perimeter firewall that performs deep packet inspection on administrative traffic, adding detection capability but introducing performance overhead and single point of failure. (4) Priority recommendation: replace with currently-supported router hardware from vendors with active security programs, as the combination of unpatched vulnerability, vendor non-responsiveness, and end-of-life status suggests systemic security risk beyond this single CVE. For detailed technical analysis of the exploit mechanism, see https://tzh00203.notion.site/Edimax-BR-6428nC-v1-16-setWAN-pptpDfGateway-Stack-Overflow-33db5c52018a80c1835dd4fab4b6c7f2 and VulDB entries at https://vuldb.com/vuln/360843.

Share

CVE-2026-7684 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy