CVE 8.7 HIGH

Edimax EW-7438RPn formWpsProxyEnable stack-based overflow_CVE-2026-9462

May 25, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was detected in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the function formWpsProxyEnable of the file /goform/formWpsProxyEnable. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Stack-based buffer overflow vulnerability in Edimax EW-7438RPn 1.31 via the formWpsProxyEnable function, allowing remote attacks.

Basic Information

ID CVE-2026-9462

Source VulDB

Published May 25, 2026 at 13:30

Affected Product

Vendor Edimax

Product EW-7438RPn

Version 1.31

Affected Versions Edimax EW-7438RPn 1.31

CWE Classification

CWE-121 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Edimax

Product EW-7438RPn

Version 1.31

References

{
    "lastseen": "",
    "description": "A vulnerability was detected in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the function formWpsProxyEnable of the file /goform/formWpsProxyEnable. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-05-25T13:30:10.163Z",
    "modified": "2026-05-25T13:30:10.163Z",
    "type": "cve",
    "title": "Edimax EW-7438RPn formWpsProxyEnable stack-based overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/365443\nhttps://vuldb.com/vuln/365443/cti\nhttps://vuldb.com/submit/813899\nhttps://github.com/wudipjq/my_vuln/blob/main/Edimax/vuln_15/15.md",
    "id": "CVE-2026-9462",
    "bulletinFamily": "",
    "cwe": [
        "CWE-121",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Edimax EW-7438RPn 1.31",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "EW-7438RPn",
    "version": "1.31",
    "vendor": "Edimax",
    "ai_description": "Stack-based buffer overflow vulnerability in Edimax EW-7438RPn 1.31 via the formWpsProxyEnable function, allowing remote attacks.",
    "ai_severity": "High",
    "ai_vendor": "Edimax",
    "ai_product": "EW-7438RPn",
    "ai_version": "1.31",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply