CVE-2026-10163

Edimax · BR-6478AC

A buffer overflow vulnerability exists in the Edimax BR-6478AC router's POST request handler, allowing for potential system compromise.

Executive summary

A critical buffer overflow vulnerability in the Edimax BR-6478AC router allows attackers to manipulate administrative credentials and potentially gain full control of the device.

Vulnerability

This is a buffer overflow (CWE-120) in the formUSBAccount function of the POST request handler. An attacker can supply oversized UserName/Password arguments to trigger the overflow, with impact on confidentiality, integrity, and availability.

Business impact

The CVSS score of 8.8 underscores the danger of this vulnerability, as it allows for unauthorized manipulation of the device. Successful exploitation could result in the theft of administrative credentials, unauthorized access to the local network, and potential service disruption.

Remediation

Immediate Action: Update to the latest firmware version provided by Edimax to address the buffer overflow in the POST request handler.

Proactive Monitoring: Monitor network logs for unusual POST requests directed at the router's management interface.

Compensating Controls: Disable the USB account management features if possible and restrict management access to the router to a specific, trusted internal IP address.
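The monitoring and access-restriction advice above can be turned into a simple log check. The following is an added example written for this advisory, not Edimax code or a published detection rule; it assumes a constructed log format of `<src_ip> <method> <path> <urlencoded body>`, an assumed trusted admin address, and an assumed maximum sane length for the UserName/Password fields. It matches on the handler name given in the advisory rather than on any particular URL path.

```python
"""Flag suspicious POSTs to the BR-6478AC USB account handler (CVE-2026-10163).

Added example for this advisory. Log format, trusted admin host, field-length
threshold and the handler path in the sample lines are all assumptions.
"""
from urllib.parse import parse_qs

HANDLER_HINT = "formUSBAccount"     # handler name from the advisory
MAX_FIELD_LEN = 64                  # assumed sane upper bound for a credential field
TRUSTED_ADMIN = "192.168.2.10"      # assumed allow-listed management host
WATCHED_FIELDS = ("UserName", "Password")


def check_line(line):
    """Return a list of alert reasons for one log line (empty when benign)."""
    src, method, path, body = line.rstrip("\n").split(" ", 3)
    if method != "POST" or HANDLER_HINT not in path:
        return []                    # only the vulnerable handler is of interest
    reasons = []
    if src != TRUSTED_ADMIN:
        reasons.append(f"management POST from untrusted host {src}")
    # parse_qs percent-decodes values, so lengths reflect what the handler sees
    fields = parse_qs("" if body == "-" else body, keep_blank_values=True)
    for name in WATCHED_FIELDS:
        for value in fields.get(name, []):
            if len(value) > MAX_FIELD_LEN:
                reasons.append(f"{name} length {len(value)} exceeds {MAX_FIELD_LEN}")
    return reasons


def scan(lines):
    """Return (src_ip, reasons) for every line that raises at least one alert."""
    alerts = []
    for line in lines:
        reasons = check_line(line)
        if reasons:
            alerts.append((line.split(" ", 1)[0], reasons))
    return alerts


# Constructed sample log: one normal admin update, one unrelated GET, and one
# POST from an untrusted host carrying an overlong UserName field.
SAMPLE_LOG = [
    "192.168.2.10 POST /goform/formUSBAccount UserName=media&Password=s3cret",
    "192.168.2.10 GET /index.asp -",
    "192.168.2.77 POST /goform/formUSBAccount UserName=" + "A" * 300 + "&Password=x",
]

if __name__ == "__main__":
    for src, reasons in scan(SAMPLE_LOG):
        print(src, "->", "; ".join(reasons))
```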

Exploitation status

Public Exploit Available: true

Analyst recommendation

Because a public exploit exists for this buffer overflow, the device is at high risk of being targeted. Immediate patching or isolation of the device is strongly recommended to prevent unauthorized access and potential compromise.