CVE-2026-7683
MEDIUM · 6.3
PoC public but feeds only; no KEV, vendor silent, no wild exploitation signal yet.
What: Command injection in Edimax BR-6428nC router Web Interface (/goform/setWAN, pppUserName/pptpUserName parameter) affecting firmware up to v1.16; CVSS 6.3 MEDIUM.
Why it matters: A public PoC is available and the vendor did not respond to early disclosure. Not yet KEV-listed. Affects consumer routers; the flaw is remotely exploitable but requires network access to the Web Interface (likely internal or exposed). Medium severity limits immediate urgency.
Where it's seen: Automated feed amplification (CVE feeds, vulnerability aggregators) on publication day; no independent researcher analysis or active exploitation reports visible. Chatter is advisory rebroadcast, not operational defender triage.
RISK: MODERATE — Public PoC, unpatched router, but limited attack surface and medium CVSS.
Public PoCs on GitHub (1 repo)
- getquoteonline/NSNPartLookup.com-Lookup-Order-NSN-NIIN-Cage-Code-Parts ★ 0
NSNPartLookup.com – Lookup & Order NSN, NIIN, Cage Code Parts
Articles & coverage (15 articles)
- CVE-2026-7683 - Exploits & Severity - Feedly
This vulnerability is handled as CVE-2026-7683. The attack can be initiated remotely. Additionally, an exploit exists. The vendor was
- CVE-2026-7683 Edimax BR-6428nC Web setWAN command injection
This vulnerability is uniquely identified as CVE-2026-7683. The attack can be launched remotely. Moreover, an exploit is present. The vendor was
- NVD - CVE-2026-27683
Source: SAP SE. Weakness Enumeration: CWE-79, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (source: SAP SE). Change History: New CVE Received from SAP SE 4/13/2026 8:16:06 PM.
- CVE-2017-7683 - CVE Details, Severity, and Analysis | Strobes VI
CVE-2017-7683 is a low severity vulnerability with a CVSS score of 0.0. No known public exploits at this time. Key Points.
- Rocky Linux openexr Significant Security Patch RLSA-2026-7683
Important security update available for OpenEXR on Rocky Linux 10 addressing arbitrary code execution risk.
NVD details: 2 CWE · 0 vendors · 6 refs
Description
A weakness has been identified in Edimax BR-6428nC up to 1.16. This affects an unknown function of the file /goform/setWAN of the component Web Interface. This manipulation of the argument pppUserName/pptpUserName causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
References
- https://tzh00203.notion.site/Edimax-BR-6428nC-v1-16-setWAN-pppUserName-Command-Injection-33db5c52018a80dab299ef508e810d00
- https://tzh00203.notion.site/Edimax-BR-6428nC-v1-16-setWAN-pptpUserName-Command-Injection-33db5c52018a80949cfbcc2091340c80
- https://vuldb.com/submit/801597
- https://vuldb.com/submit/801598
- https://vuldb.com/vuln/360842
- https://vuldb.com/vuln/360842/cti
Top posts driving the trend
@infoflowcloud · X · 5/3/2026 🚨*CVE* CVE-2026-7683 A weakness has been identified in Edimax BR-6428nC up to 1.16. This affects an unknown function of the file /goform/setWAN of the component Web Interface. This manipula… https://t.co/3yoHSKxENx ----- Traducción: CVE-2026-7683 Se … https://t.co/utmtNgl3sv
♥ 0 · ↻ 0 · 💬 0
@CVEnew · X · 5/3/2026 CVE-2026-7683 A weakness has been identified in Edimax BR-6428nC up to 1.16. This affects an unknown function of the file /goform/setWAN of the component Web Interface. This manipula… https://t.co/NOzCm5F7LW
♥ 0 · ↻ 0 · 💬 0
@VulmonFeeds · X · 5/3/2026 CVE-2026-7683 Command Injection in Edimax BR-6428nC Web Interface via setWAN Par... https://t.co/Er5q1Xhkup Customizable Vulnerability Alerts: https://t.co/U7998fz7yk
♥ 0 · ↻ 0 · 💬 0