Edimax BR-6208AC setWAN buffer overflow

A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument pptpDfGateway results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Problem type

Affected products

Edimax

BR-6208AC

1.02 - AFFECTED

References

VDB-360844 | Edimax BR-6208AC setWAN buffer overflow

https://vuldb.com/vuln/360844

vdb-entrytechnical-description

VDB-360844 | CTI Indicators (IOB, IOC, IOA)

https://vuldb.com/vuln/360844/cti

signaturepermissions-required

Submit #801606 | Edimax BR-6208AC V2_1.02 Buffer Overflow

https://vuldb.com/submit/801606

third-party-advisory

tzh00203.notion.site

https://tzh00203.notion.site/Edimax-BR-6428nC-v1-16-setWAN-pptpDfGateway-Stack-Overflow-33db5c52018a80c1835dd4fab4b6c7f2

exploit

GitHub Security Advisories

GHSA-m7m6-w47h-whg2

A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of...

https://github.com/advisories/GHSA-m7m6-w47h-whg2

nvd.nist.gov

https://nvd.nist.gov/vuln/detail/CVE-2026-7685

tzh00203.notion.site

https://tzh00203.notion.site/Edimax-BR-6428nC-v1-16-setWAN-pptpDfGateway-Stack-Overflow-33db5c52018a80c1835dd4fab4b6c7f2

vuldb.com

https://vuldb.com/submit/801606

vuldb.com

https://vuldb.com/vuln/360844

vuldb.com

https://vuldb.com/vuln/360844/cti

github.com

https://github.com/advisories/GHSA-m7m6-w47h-whg2

JSON source

https://cveawg.mitre.org/api/cve/CVE-2026-7685

Click to expand

{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2026-7685",
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "dateUpdated": "2026-05-03T07:00:12.291Z",
    "dateReserved": "2026-05-02T11:05:41.120Z",
    "datePublished": "2026-05-03T07:00:12.291Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB",
        "dateUpdated": "2026-05-03T07:00:12.291Z"
      },
      "title": "Edimax BR-6208AC setWAN buffer overflow",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument pptpDfGateway  results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
        }
      ],
      "affected": [
        {
          "vendor": "Edimax",
          "product": "BR-6208AC",
          "cpes": [
            "cpe:2.3:o:edimax:br-6208ac_firmware:*:*:*:*:*:*:*:*"
          ],
          "versions": [
            {
              "version": "1.02",
              "status": "affected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Buffer Overflow",
              "cweId": "CWE-120",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "Memory Corruption",
              "cweId": "CWE-119",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://vuldb.com/vuln/360844",
          "name": "VDB-360844 | Edimax BR-6208AC setWAN buffer overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ]
        },
        {
          "url": "https://vuldb.com/vuln/360844/cti",
          "name": "VDB-360844 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ]
        },
        {
          "url": "https://vuldb.com/submit/801606",
          "name": "Submit #801606 | Edimax BR-6208AC V2_1.02 Buffer Overflow",
          "tags": [
            "third-party-advisory"
          ]
        },
        {
          "url": "https://tzh00203.notion.site/Edimax-BR-6428nC-v1-16-setWAN-pptpDfGateway-Stack-Overflow-33db5c52018a80c1835dd4fab4b6c7f2",
          "tags": [
            "exploit"
          ]
        }
      ],
      "metrics": [
        {},
        {
          "cvssV3_1": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
            "baseScore": 8.8,
            "baseSeverity": "HIGH"
          }
        },
        {
          "cvssV3_0": {
            "version": "3.0",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
            "baseScore": 8.8,
            "baseSeverity": "HIGH"
          }
        },
        {
          "cvssV2_0": {
            "version": "2.0",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
            "baseScore": 9
          }
        }
      ],
      "timeline": [
        {
          "time": "2026-05-02T00:00:00.000Z",
          "lang": "en",
          "value": "Advisory disclosed"
        },
        {
          "time": "2026-05-02T02:00:00.000Z",
          "lang": "en",
          "value": "VulDB entry created"
        },
        {
          "time": "2026-05-02T13:10:47.000Z",
          "lang": "en",
          "value": "VulDB entry last update"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "tian (VulDB User)",
          "type": "reporter"
        },
        {
          "lang": "en",
          "value": "VulDB CNA Team",
          "type": "coordinator"
        }
      ]
    }
  }
}