A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation of the argument pptpDfGateway leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
PUBLISHED5.2CWE-120CWE-119
Edimax BR-6428nC setWAN buffer overflow
Problem type
Affected products
Edimax
BR-6428nC
1.0 - AFFECTED
1.1 - AFFECTED
1.2 - AFFECTED
1.3 - AFFECTED
1.4 - AFFECTED
1.5 - AFFECTED
1.6 - AFFECTED
1.7 - AFFECTED
1.8 - AFFECTED
1.9 - AFFECTED
1.10 - AFFECTED
1.11 - AFFECTED
1.12 - AFFECTED
1.13 - AFFECTED
1.14 - AFFECTED
1.15 - AFFECTED
1.16 - AFFECTED
References
VDB-360843 | Edimax BR-6428nC setWAN buffer overflow
https://vuldb.com/vuln/360843
VDB-360843 | CTI Indicators (IOB, IOC, IOA)
https://vuldb.com/vuln/360843/cti
Submit #801599 | Edimax BR-6428nC v1.16 Buffer Overflow
https://vuldb.com/submit/801599
tzh00203.notion.site
https://tzh00203.notion.site/Edimax-BR-6428nC-v1-16-setWAN-pptpDfGateway-Stack-Overflow-33db5c52018a80c1835dd4fab4b6c7f2
GitHub Security Advisories
GHSA-fwq2-3mp4-crxg
A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an...
https://github.com/advisories/GHSA-fwq2-3mp4-crxgA security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation of the argument pptpDfGateway leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
nvd.nist.gov
https://nvd.nist.gov/vuln/detail/CVE-2026-7684
tzh00203.notion.site
https://tzh00203.notion.site/Edimax-BR-6428nC-v1-16-setWAN-pptpDfGateway-Stack-Overflow-33db5c52018a80c1835dd4fab4b6c7f2
vuldb.com
https://vuldb.com/submit/801599
vuldb.com
https://vuldb.com/vuln/360843
vuldb.com
https://vuldb.com/vuln/360843/cti
github.com
https://github.com/advisories/GHSA-fwq2-3mp4-crxg
JSON source
https://cveawg.mitre.org/api/cve/CVE-2026-7684Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2026-7684",
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"dateUpdated": "2026-05-03T06:45:10.650Z",
"dateReserved": "2026-05-02T11:05:22.746Z",
"datePublished": "2026-05-03T06:45:10.650Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB",
"dateUpdated": "2026-05-03T06:45:10.650Z"
},
"title": "Edimax BR-6428nC setWAN buffer overflow",
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation of the argument pptpDfGateway leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"affected": [
{
"vendor": "Edimax",
"product": "BR-6428nC",
"versions": [
{
"version": "1.0",
"status": "affected"
},
{
"version": "1.1",
"status": "affected"
},
{
"version": "1.2",
"status": "affected"
},
{
"version": "1.3",
"status": "affected"
},
{
"version": "1.4",
"status": "affected"
},
{
"version": "1.5",
"status": "affected"
},
{
"version": "1.6",
"status": "affected"
},
{
"version": "1.7",
"status": "affected"
},
{
"version": "1.8",
"status": "affected"
},
{
"version": "1.9",
"status": "affected"
},
{
"version": "1.10",
"status": "affected"
},
{
"version": "1.11",
"status": "affected"
},
{
"version": "1.12",
"status": "affected"
},
{
"version": "1.13",
"status": "affected"
},
{
"version": "1.14",
"status": "affected"
},
{
"version": "1.15",
"status": "affected"
},
{
"version": "1.16",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Buffer Overflow",
"cweId": "CWE-120",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"lang": "en",
"description": "Memory Corruption",
"cweId": "CWE-119",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/vuln/360843",
"name": "VDB-360843 | Edimax BR-6428nC setWAN buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
]
},
{
"url": "https://vuldb.com/vuln/360843/cti",
"name": "VDB-360843 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
]
},
{
"url": "https://vuldb.com/submit/801599",
"name": "Submit #801599 | Edimax BR-6428nC v1.16 Buffer Overflow",
"tags": [
"third-party-advisory"
]
},
{
"url": "https://tzh00203.notion.site/Edimax-BR-6428nC-v1-16-setWAN-pptpDfGateway-Stack-Overflow-33db5c52018a80c1835dd4fab4b6c7f2",
"tags": [
"exploit"
]
}
],
"metrics": [
{},
{
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
},
{
"cvssV3_0": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
},
{
"cvssV2_0": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"baseScore": 9
}
}
],
"timeline": [
{
"time": "2026-05-02T00:00:00.000Z",
"lang": "en",
"value": "Advisory disclosed"
},
{
"time": "2026-05-02T02:00:00.000Z",
"lang": "en",
"value": "VulDB entry created"
},
{
"time": "2026-05-02T13:10:42.000Z",
"lang": "en",
"value": "VulDB entry last update"
}
],
"credits": [
{
"lang": "en",
"value": "tian (VulDB User)",
"type": "reporter"
},
{
"lang": "en",
"value": "VulDB CNA Team",
"type": "coordinator"
}
]
}
}
}