CVE 8.7 HIGH

Edimax EW-7438RPn webs mp stack-based overflow_CVE-2026-9348

May 24, 2026 invoker category_cve
8.7 / 10
HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in Edimax EW-7438RPn up to 1.31. Affected by this vulnerability is an unknown functionality of the file /goform/mp of the component webs. The manipulation of the argument webs results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Stack-based buffer overflow vulnerability in Edimax EW-7438RPn up to 1.31, allowing remote attackers to launch an attack via the /goform/mp file

Basic Information

ID CVE-2026-9348
Source VulDB
Published May 24, 2026 at 02:15

Affected Product

Vendor Edimax
Product EW-7438RPn
Version 1.0
Affected Versions Edimax EW-7438RPn 1.0
Edimax EW-7438RPn 1.1
Edimax EW-7438RPn 1.2
Edimax EW-7438RPn 1.3
Edimax EW-7438RPn 1.4
Edimax EW-7438RPn 1.5
Edimax EW-7438RPn 1.6
Edimax EW-7438RPn 1.7
Edimax EW-7438RPn 1.8
Edimax EW-7438RPn 1.9
Edimax EW-7438RPn 1.10
Edimax EW-7438RPn 1.11
Edimax EW-7438RPn 1.12
Edimax EW-7438RPn 1.13
Edimax EW-7438RPn 1.14
Edimax EW-7438RPn 1.15
Edimax EW-7438RPn 1.16
Edimax EW-7438RPn 1.17
Edimax EW-7438RPn 1.18
Edimax EW-7438RPn 1.19
Edimax EW-7438RPn 1.20
Edimax EW-7438RPn 1.21
Edimax EW-7438RPn 1.22
Edimax EW-7438RPn 1.23
Edimax EW-7438RPn 1.24
Edimax EW-7438RPn 1.25
Edimax EW-7438RPn 1.26
Edimax EW-7438RPn 1.27
Edimax EW-7438RPn 1.28
Edimax EW-7438RPn 1.29
Edimax EW-7438RPn 1.30
Edimax EW-7438RPn 1.31

CWE Classification

CWE-121 CWE-119

AI Assessment

AI Score 8.7 / 10
AI Severity High
Vendor Edimax
Product EW-7438RPn
Version 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12, 1.13, 1.14, 1.15, 1.16, 1.17, 1.18, 1.19, 1.20, 1.21, 1.22, 1.23, 1.24, 1.25, 1.26, 1.27, 1.28, 1.29, 1.30, 1.31

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.