CVE 8.7 HIGH

Edimax EW-7478APC POST Request formL2TPSetup stack-based overflow_CVE-2026-13563

8.7 / 10
HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in Edimax EW-7478APC 1.04. This impacts the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation of the argument L2TPUserName leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Stack-based buffer overflow vulnerability in Edimax EW-7478APC 1.04 via manipulation of the L2TPUserName argument in the formL2TPSetup function, allowing remote exploitation.

Basic Information

ID CVE-2026-13563
Source VulDB
Published Jun 29, 2026 at 11:30

Affected Product

Vendor Edimax
Product EW-7478APC
Version 1.04
Affected Versions Edimax EW-7478APC 1.04

CWE Classification

AI Assessment

AI Score 8.7 / 10
AI Severity High
Vendor Edimax
Product EW-7478APC
Version 1.04

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.