A vulnerability, which was classified as critical , has been found in Edimax EW-7478APC 1.04 . Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler . Performing a manipulation of the argument pppUserName results in stack-based buffer overflow. This vulnerability is identified as CVE-2026-13564 . The attack can be initiated remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond