A flaw has been found in Edimax BR-6428NS 1.10
A buffer overflow vulnerability has been discovered in the Edimax BR-6428NS router, version 1.10, allowing an attacker to potentially execute arbitrary code. The vulnerability is located in the formL2TPSetup function of the POST Request Handler and can be exploited remotely by manipulating the L2TPUserName argument.
A flaw has been found in Edimax BR-6428NS 1.10. It affects the function formL2TPSetup of the file /goform/formL2TPSetup in the POST Request Handler component. Manipulating the argument L2TPUserName causes a buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Users of the Edimax BR-6428NS router, version 1.10, are at high risk of buffer overflow attacks, which can lead to severe consequences, including code execution and system compromise.
Remediation Recommended
This vulnerability carries significant risk. Schedule patching in your next cycle.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H