Which versions of Edimax BR-6208AC are affected by CVE-2026-7685?

CVE-2026-7685 is a high-severity buffer overflow affecting Edimax BR-6208AC routers (firmware 1.02) that allows authenticated attackers to achieve complete device compromise through a crafted…

Is there a public PoC exploit available for CVE-2026-7685?

Yes, a public proof-of-concept exploit is available for CVE-2026-7685. Prioritise patching immediately. EPSS: 0.0%.

Edimax BR-6208AC CVE-2026-7685

Q: What is the CVSS score of CVE-2026-7685?

CVE-2026-7685 has a CVSS 4.0 base score of 7.4 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-26823 HIGH

Classic Buffer Overflow (CWE-120)

2026-05-03 VulDB

Buffer Overflow

7.4

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

May 03, 2026 - 07:40 vuln.today

CVSS changed

May 03, 2026 - 07:22 NVD

8.8 (HIGH) 7.4 (HIGH)

PoC Detected

May 03, 2026 - 07:16 vuln.today

Public exploit code

EUVD ID Assigned

May 03, 2026 - 07:15 euvd

EUVD-2026-26823

Analysis Generated

May 03, 2026 - 07:15 vuln.today

CVE Published

May 03, 2026 - 07:00 nvd

HIGH 7.4

DescriptionNVD

A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument pptpDfGateway results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Buffer overflow in Edimax BR-6208AC router firmware version 1.02 allows authenticated remote attackers to achieve complete system compromise via crafted pptpDfGateway parameter to /goform/setWAN endpoint. Public exploit code exists (EPSS probability unknown, not in CISA KEV). …

RemediationAI

Within 24 hours: Inventory all Edimax BR-6208AC devices running firmware 1.02 in your environment and document their network exposure and criticality. Within 7 days: Isolate affected routers from production networks or restrict management interface access to a dedicated administrative VLAN with strict ingress controls; contact Edimax support to confirm end-of-life status and request security updates. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-7685 vulnerability details – vuln.today

Back

Edimax BR-6208AC CVE-2026-7685

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

Edimax BR-6208AC CVE-2026-7685

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code