HIGHCVE-2026-9462Published 2026-05-25Modified 2026-05-26CNA VulDB

CVE-2026-9462: Edimax EW-7438RPn formWpsProxyEnable stack-based overflow

A vulnerability was detected in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the function formWpsProxyEnable of the file /goform/formWpsProxyEnable. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS v4.0: 8.7
Severity: HIGH
Fixed in: —
Affected Products: 1

Affected packages

Edimax / EW-7438RPn
1.31

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

References

VDB-365443 | Edimax EW-7438RPn formWpsProxyEnable stack-based overflow
VDB-365443 | CTI Indicators (IOB, IOC, IOA)
Submit #813899 | Edimax EW-7438RPn 1.31 Stack-based Buffer Overflow
github.com

Metrics