CVE 8.7 HIGH

Edimax EW-7438RPn webs formWpsStart stack-based overflow_CVE-2026-9344

May 23, 2026 invoker category_cve
8.7 / 10
HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in Edimax EW-7438RPn up to 1.31. The impacted element is an unknown function of the file /goform/formWpsStart of the component webs. Such manipulation of the argument pinCode/wlan-url leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Stack-based buffer overflow vulnerability in Edimax EW-7438RPn up to 1.31, allowing remote attackers to execute arbitrary code via manipulation of the pinCode/wlan-url argument in the /goform/formWpsStart file.

Basic Information

ID CVE-2026-9344
Source VulDB
Published May 24, 2026 at 00:00

Affected Product

Vendor Edimax
Product EW-7438RPn
Version 1.0
Affected Versions Edimax EW-7438RPn 1.0
Edimax EW-7438RPn 1.1
Edimax EW-7438RPn 1.2
Edimax EW-7438RPn 1.3
Edimax EW-7438RPn 1.4
Edimax EW-7438RPn 1.5
Edimax EW-7438RPn 1.6
Edimax EW-7438RPn 1.7
Edimax EW-7438RPn 1.8
Edimax EW-7438RPn 1.9
Edimax EW-7438RPn 1.10
Edimax EW-7438RPn 1.11
Edimax EW-7438RPn 1.12
Edimax EW-7438RPn 1.13
Edimax EW-7438RPn 1.14
Edimax EW-7438RPn 1.15
Edimax EW-7438RPn 1.16
Edimax EW-7438RPn 1.17
Edimax EW-7438RPn 1.18
Edimax EW-7438RPn 1.19
Edimax EW-7438RPn 1.20
Edimax EW-7438RPn 1.21
Edimax EW-7438RPn 1.22
Edimax EW-7438RPn 1.23
Edimax EW-7438RPn 1.24
Edimax EW-7438RPn 1.25
Edimax EW-7438RPn 1.26
Edimax EW-7438RPn 1.27
Edimax EW-7438RPn 1.28
Edimax EW-7438RPn 1.29
Edimax EW-7438RPn 1.30
Edimax EW-7438RPn 1.31

CWE Classification

CWE-121 CWE-119

AI Assessment

AI Score 8.7 / 10
AI Severity High
Vendor Edimax
Product EW-7438RPn
Version 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12, 1.13, 1.14, 1.15, 1.16, 1.17, 1.18, 1.19, 1.20, 1.21, 1.22, 1.23, 1.24, 1.25, 1.26, 1.27, 1.28, 1.29, 1.30, 1.31

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.