CVE-2026-7682
MEDIUM · 6.3
PoC public and vendor unresponsive, but no KEV listing or active exploitation signal.
What: Command injection in Edimax BR-6208AC 1.02 L2TP mode via L2TPUserName parameter in /goform/setWAN endpoint (CVSS 6.3 MEDIUM).
Why it matters: Public PoC released; vendor unresponsive to early disclosure. Not KEV-listed yet. Low-end CVSS and lack of urgent patching or active in-the-wild reports suggest limited immediate impact, but unauthenticated remote code execution on consumer routers warrants triage for exposed devices.
Where it's seen: Standard CVE feed amplification (automated feeds and security news accounts). No defender questions, no exploit-in-the-wild confirmation, no vendor advisory.
RISK: ELEVATED — Unauthenticated RCE on routers; public PoC; vendor silent.
Public PoCs on GitHub: 1 repo
- getquoteonline/NSNPartLookup.com-Lookup-Order-NSN-NIIN-Cage-Code-Parts ★ 0
NSNPartLookup.com – Lookup & Order NSN, NIIN, Cage Code Parts
Articles & coverage: 15 articles
- CVE-2026-7682 Edimax BR-6208AC L2TP Mode setWAN ...
This vulnerability is handled as CVE-2026-7682. The attack can be initiated remotely. Additionally, an exploit exists. The vendor was
- CVE 2026 — The Vulnerabilities That Matter Most Right Now
The search for “CVE 2026” looks broad on the surface, but the people typing it into Google are usually not looking for an encyclopedia of numbers. They lose because they treated every CVE as equal, patched by score instead of exploit reality, and discovered too late that the issues that changed their week were not generic application bug
- 0xMarcio/cve: Latest CVEs with their Proof of Concept exploits.
| 258⭐ | 3 days ago | [CVE-2026-21858](https://github.com/Chocapikk/CVE-2026-21858) | n8n Ni8mare - Unauthenticated Arbitrary File Read to RCE Chain (CVSS 10.0) |
| 204⭐ | 3 days ago | [CVE-2026-24061](https://github.com/SafeBreach-Labs/CVE-2026-24061) | Exploitation of CVE-2026-24061 |
| 2443⭐ | 4 days ago | [CVE-2024-1086](https://github.com/Notselwyn/CVE-2024-1086) | Universal local privilege
- Oracle Linux 10 : openexr (ELSA-2026-7682) | Tenable®
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-7682 advisory.
- AlmaLinux 10 : openexr (ALSA-2026:7682) | Tenable®
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:7682 advisory. * openexr
NVD details: 2 CWE · 0 vendors · 4 refs
Description
A security flaw has been discovered in Edimax BR-6208AC 1.02. The impacted element is the function setWAN of the file /goform/setWAN of the component L2TP Mode. The manipulation of the argument L2TPUserName results in command injection. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Top posts driving the trend
@infoflowcloudX · 5/3/2026 · 🚨 *CVE* CVE-2026-7682 A security flaw has been discovered in Edimax BR-6208AC 1.02. The impacted element is the function setWAN of the file /goform/setWAN of the component L2TP Mode. The man… https://t.co/Sm0JvoXvZx ----- Traducción: CVE-2026-7682 Se … https://t.co/utmtNgl3sv
♥ 0 · ↻ 0 · 💬 0
@CVEnewX · 5/3/2026 · CVE-2026-7682 A security flaw has been discovered in Edimax BR-6208AC 1.02. The impacted element is the function setWAN of the file /goform/setWAN of the component L2TP Mode. The man… https://t.co/2biUqmSglc
♥ 0 · ↻ 0 · 💬 0
@VulmonFeedsX · 5/3/2026 · CVE-2026-7682 Command Injection in Edimax BR-6208AC 1.02 L2TP Mode setWAN Function https://t.co/DyiqwU5Q9M
♥ 0 · ↻ 0 · 💬 0