CVE-2026-9403
published 2026-05-24CVE-2026-9403: A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the…
PriorityP264high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.45%
35.6th percentile
A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| edimax | br-6675nd | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv4.07.4HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
cvelistv5v4.08.7HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-69c3-9259-5w7w: A vulnerability was determined in Edimax BR-6675nD 1
ghsa_unreviewed·2026-05-26
CVE-2026-9403 [HIGH] CWE-119 GHSA-69c3-9259-5w7w: A vulnerability was determined in Edimax BR-6675nD 1
A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
VulDB
Edimax BR-6675nD 1.12 POST Request /goform/formWlSiteSurvey selSSID buffer overflow
vuldb·2026-05-24
CVE-2026-9403 [CRITICAL] Edimax BR-6675nD 1.12 POST Request /goform/formWlSiteSurvey selSSID buffer overflow
A vulnerability marked as critical has been reported in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow.
This vulnerability appears as CVE-2026-9403. The attack may be initiated remotely. In addition, an exploit is available.
The vendor was contacted early about this disclosure but did not respond in any way.
CVEList
Edimax BR-6675nD POST Request formWlSiteSurvey buffer overflow
cvelistv5·2026-05-24·CVSS 8.7
CVE-2026-9403 [HIGH] CWE-120 Edimax BR-6675nD POST Request formWlSiteSurvey buffer overflow
Edimax BR-6675nD POST Request formWlSiteSurvey buffer overflow
A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Timeline: 2026-05-24: Advisory disclosed; 2026-05-24: VulDB entry created; 2026-05-24: VulDB entry last update
No detection rules found.
No public exploits indexed.
2026-05-24
Published