A critical buffer overflow vulnerability in the Edimax BR-6478AC router poses a significant risk of remote code execution and system compromise.

This is a buffer overflow vulnerability located in the formQoS function of the /goform/formQoS component. The flaw is exploitable via the selSSID argument through a POST request, likely requiring no authentication to trigger.

Successful exploitation of this vulnerability allows an attacker to execute arbitrary code on the affected router. Given the CVSS score of 8.8 (High), this represents a severe risk that could lead to full device takeover, unauthorized network access, and potential interception of sensitive traffic, resulting in significant reputational and operational damage.

Immediate Action: Check the official Edimax support portal for firmware updates addressing this vulnerability. If no patch is available, isolate the device from public-facing networks.

Proactive Monitoring: Review device access logs for unusual POST requests directed at /goform/formQoS. Monitor network traffic for anomalous patterns indicative of buffer overflow attempts.

Compensating Controls: Implement a Web Application Firewall (WAF) or ingress filtering to block malicious POST requests targeting the identified vulnerable URL parameters.

Public Exploit Available: True

The high severity of this vulnerability, combined with the presence of public exploit code, necessitates immediate action. Organizations should prioritize patching or replacing affected devices to prevent unauthorized access. If a patch is unavailable, the device must be removed from the perimeter or strictly firewalled to mitigate exposure.