top of page
perceptive_background_267k.jpg

A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST R…

Published:

29 May 2026 at 22:00:00

Alert date:

30 May 2026 at 18:00:30

Source:

nvd.nist.gov

Click to open the original link from this advisory

Network Infrastructure, Mobile & IoT

A critical security vulnerability (CVE-2026-10126) has been discovered in Edimax BR-6478AC router firmware version 1.23. The vulnerability affects the formQoS function in the /goform/formQoS file of the POST Request Handler component. An attacker can exploit this flaw by manipulating the selSSID argument, which leads to a buffer overflow condition. The vulnerability can be exploited remotely, making it particularly dangerous. A public exploit has been released and is available for use in attacks, significantly increasing the risk to affected devices. This vulnerability poses a high security risk due to its remote exploitability and the availability of public exploit code.

Technical details

Mitigation steps:

Affected products:

Edimax BR-6478AC

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-10126
https://lavender-bicycle-a5a.notion.site/EDIMAX-BR6478ACV2-formQoS-34b53a41781f804e9ddfe771c426d9b2?source=copy_link
https://vuldb.com/submit/818454
https://vuldb.com/vuln/367303
https://vuldb.com/vuln/367303/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page