A vulnerability categorized as critical has been discovered in Edimax BR-6428NS 1.10 . The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler . Such manipulation of the argument pppUserName leads to buffer overflow. This vulnerability is referenced as CVE-2026-9294 . It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond