Which versions of Edimax BR-6675nD are affected by CVE-2026-9401?

The Edimax BR-6675nD wireless router (firmware 1.12) contains a remotely exploitable buffer overflow in its web management interface that allows attackers with low-level credentials to corrupt device…

Is there a public PoC exploit available for CVE-2026-9401?

Yes, a public proof-of-concept exploit is available for CVE-2026-9401. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-9401?

Within 24 hours: Inventory all Edimax BR-6675nD routers across the organization and document their network location and management interface access points. Within 7 days: Implement network segmentation by restricting management interface access to a dedicated administrative network or VPN, and enforce strong authentication for any accounts with router administration privileges. Within 30 days: Develop a replacement plan for affected units with alternative router models from vendors maintaining active firmware support, or decommission units if replacement is not immediately feasible.

Edimax BR-6675nD CVE-2026-9401

Q: What is the CVSS score of CVE-2026-9401?

CVE-2026-9401 has a CVSS 4.0 base score of 7.4 (High). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-31604 HIGH

Classic Buffer Overflow (CWE-120)

2026-05-24 VulDB

GHSA-54gg-frw3-mp2g

Buffer Overflow Br 6675Nd

7.4

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

7.4 HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Jun 08, 2026 - 09:27 vuln.today

CVSS changed

May 26, 2026 - 19:37 NVD

8.8 (HIGH) 7.4 (HIGH)

DescriptionCVE.org

A vulnerability has been found in Edimax BR-6675nD 1.12. Impacted is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Buffer overflow in the Edimax BR-6675nD 1.12 wireless router's web management interface allows remote attackers with low-level credentials to corrupt memory via a crafted pppUserName parameter sent to the /goform/formWanTcpipSetup endpoint. Publicly available exploit code exists (disclosed via VulDB and a Notion writeup), and SSVC rates the technical impact as total, though EPSS remains very low at 0.04%. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon

Identify exposed BR-6675nD admin interface

Delivery

Authenticate with low-privilege/default credentials

Exploit

POST oversized pppUserName to /goform/formWanTcpipSetup

Install

Overflow buffer in HTTP handler

Hijack control flow for code execution

Execute

Persist via firmware/config modification

Impact

Pivot to DNS hijack or LAN compromise