CVE 8.7 HIGH

Edimax EW-7438RPn POST Request formwlencrypt24g buffer overflow_CVE-2026-9360

May 24, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A security flaw has been discovered in Edimax EW-7438RPn 1.28a. Affected by this issue is the function formwlencrypt24g of the file /goform/formwlencrypt24g of the component POST Request Handler. The manipulation of the argument key1 results in buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Buffer overflow vulnerability in Edimax EW-7438RPn via the formwlencrypt24g function, allowing remote attacks.

Basic Information

ID CVE-2026-9360

Source VulDB

Published May 24, 2026 at 06:15

Affected Product

Vendor Edimax

Product EW-7438RPn

Version 1.28a

Affected Versions Edimax EW-7438RPn 1.28a

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Edimax

Product EW-7438RPn

Version 1.28a

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in Edimax EW-7438RPn 1.28a. Affected by this issue is the function formwlencrypt24g of the file /goform/formwlencrypt24g of the component POST Request Handler. The manipulation of the argument key1 results in buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-05-24T06:15:08.997Z",
    "modified": "2026-05-24T06:15:08.997Z",
    "type": "cve",
    "title": "Edimax EW-7438RPn POST Request formwlencrypt24g buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/365323\nhttps://vuldb.com/vuln/365323/cti\nhttps://vuldb.com/submit/811544\nhttps://lavender-bicycle-a5a.notion.site/EDIMAX-EW-7438RPn-Mini-formwlencrypt24g-34b53a41781f808c99bcd687b351750b?source=copy_link",
    "id": "CVE-2026-9360",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Edimax EW-7438RPn 1.28a",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "EW-7438RPn",
    "version": "1.28a",
    "vendor": "Edimax",
    "ai_description": "Buffer overflow vulnerability in Edimax EW-7438RPn via the formwlencrypt24g function, allowing remote attacks.",
    "ai_severity": "High",
    "ai_vendor": "Edimax",
    "ai_product": "EW-7438RPn",
    "ai_version": "1.28a",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply