This vulnerability exists because the PPPoE feature does not properly handle an error condition within a specific crafted packet sequence. An attacker could exploit this vulnerability by sending a sequence of specific PPPoE packets from controlled customer premises equipment (CPE).