CVE-2026-9427

HIGH

Edimax EW-7438RPn webs formWlSiteSurvey stack-based overflow

Title source: cna

Description

A flaw has been found in Edimax EW-7438RPn 1.31. This impacts the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component webs. This manipulation of the argument selSSID/submit-url causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

References (4)

Core 4

Core References

Vdb Entry, Technical Description vdb-entry technical-description

VDB-365408 | Edimax EW-7438RPn webs formWlSiteSurvey stack-based overflow

https://vuldb.com/vuln/365408

Signature, Permissions Required signature permissions-required

VDB-365408 | CTI Indicators (IOB, IOC, IOA)

https://vuldb.com/vuln/365408/cti

Third Party Advisory third-party-advisory

Submit #813895 | Edimax EW-7438RPn 1.31 Stack-based Buffer Overflow

https://vuldb.com/submit/813895

Exploit exploit

https://github.com/wudipjq/my_vuln/blob/main/Edimax/vuln_11/11.md

View Exploit ZIP pw:eip

Scores

CVSS v3 8.8

EPSS 0.0059

EPSS Percentile 43.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-119 CWE-121

Status published

Products (1)

Edimax/EW-7438RPn 1.31

Published May 25, 2026

Tracked Since May 25, 2026