Skip to content
CVSS 8.8 · HIGH

CVE-2026-7685

A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument pptpDfGateway  results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

View on NVD

Analysis

This is a buffer overflow vulnerability specifically affecting the Edimax BR-6208AC consumer router. It is vendor-specific hardware firmware that does not impact the software development lifecycle, cloud infrastructure, or common developer tooling.

Severity

Score: 8.8(HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AV: NETWORK
AC: LOW
PR: LOW
UI: NONE
S: UNCHANGED
C: HIGH
I: HIGH
A: HIGH
Weakness (CWE): CWE-119CWE-120

EPSS

Probability of exploitation (next 30 days): 0.0004 (0.0%)
Percentile: 12.3%
EPSS: 2026-05-06

Technical description

A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument pptpDfGateway  results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published: 5/3/2026, 7:16:25 AM
Last modified: 5/5/2026, 7:30:15 PM

References

HomeEventsBlogResourcesTeam