CVE 8.7 HIGH

Edimax EW-7438RPn formConnectionSetting stack-based overflow_CVE-2026-9459

May 25, 2026 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A security flaw has been discovered in Edimax EW-7438RPn 1.31. This affects the function formConnectionSetting of the file /goform/formConnectionSetting. Performing a manipulation of the argument max_Conn/timeOut results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

AI Analysis

Stack-based buffer overflow vulnerability in Edimax EW-7438RPn 1.31 via the formConnectionSetting function, allowing remote attackers to exploit the vulnerability.

Basic Information

ID CVE-2026-9459

Source VulDB

Published May 25, 2026 at 12:45

Affected Product

Vendor Edimax

Product EW-7438RPn

Version 1.31

Affected Versions Edimax EW-7438RPn 1.31

CWE Classification

CWE-121 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Edimax

Product EW-7438RPn

Version 1.31

References

{
    "lastseen": "",
    "description": "A security flaw has been discovered in Edimax EW-7438RPn 1.31. This affects the function formConnectionSetting of the file /goform/formConnectionSetting. Performing a manipulation of the argument max_Conn/timeOut results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2026-05-25T12:45:08.381Z",
    "modified": "2026-05-25T12:45:08.381Z",
    "type": "cve",
    "title": "Edimax EW-7438RPn formConnectionSetting stack-based overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/365440\nhttps://vuldb.com/vuln/365440/cti\nhttps://vuldb.com/submit/813896\nhttps://github.com/wudipjq/my_vuln/blob/main/Edimax/vuln_12/12.md",
    "id": "CVE-2026-9459",
    "bulletinFamily": "",
    "cwe": [
        "CWE-121",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Edimax EW-7438RPn 1.31",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "EW-7438RPn",
    "version": "1.31",
    "vendor": "Edimax",
    "ai_description": "Stack-based buffer overflow vulnerability in Edimax EW-7438RPn 1.31 via the formConnectionSetting function, allowing remote attackers to exploit the vulnerability.",
    "ai_severity": "High",
    "ai_vendor": "Edimax",
    "ai_product": "EW-7438RPn",
    "ai_version": "1.31",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply