Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable endpoint, low-complexity injection, PR:L authentication required; OS command injection yields full C/I/A impact on the device.
Primary rating from Vendor (vuldb).
CVSS VectorVendor: vuldb
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability was detected in Edimax EW-7478APC 1.04. The impacted element is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. The manipulation of the argument rootAPmac results in os command injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
OS command injection in the Edimax EW-7478APC wireless access point (firmware 1.04) allows remote attackers with low-privilege credentials to execute arbitrary operating system commands by manipulating the rootAPmac parameter in a POST request to /goform/formiNICbasic. A public proof-of-concept exploit is available, materially lowering the barrier to exploitation. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires network-level access to the EW-7478APC web management interface (TCP port 80 or 443) and a valid low-privilege account on the device (confirmed by PR:L in the CVSS 4.0 vector). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The submitted CVSS 4.0 score of 2.1 (AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L) appears to severely underrate the real-world impact of arbitrary OS command injection on embedded firmware - the low VC/VI/VA ratings are inconsistent with full shell access to a device. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker authenticated to the EW-7478APC web management interface with low-privilege credentials submits a crafted POST request to /goform/formiNICbasic, embedding OS shell metacharacters (e.g., semicolons or backticks) within the rootAPmac field value. The firmware's formiNICbasic handler passes the unsanitized value to a system-level call, causing the injected commands to execute under the web server process's privilege context on the device. … |
| Remediation | No vendor-released patch has been identified at time of analysis - the vendor was unresponsive to disclosure, and no fix version is confirmed from any reference. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-77 – Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-40072
GHSA-7w25-hjpp-83w9