Skip to main content

Edimax EW-7478APC CVE-2026-13561

| EUVDEUVD-2026-40072 LOW
Command Injection (CWE-77)
2026-06-29 cna@vuldb.com GHSA-7w25-hjpp-83w9
2.1
CVSS 4.0 · Vendor: vuldb

Severity by source

Vendor (vuldb) PRIMARY
2.1 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
8.8 HIGH

Network-reachable endpoint, low-complexity injection, PR:L authentication required; OS command injection yields full C/I/A impact on the device.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (vuldb).

CVSS VectorVendor: vuldb

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 29, 2026 - 12:33 vuln.today

DescriptionCVE.org

A vulnerability was detected in Edimax EW-7478APC 1.04. The impacted element is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. The manipulation of the argument rootAPmac results in os command injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

OS command injection in the Edimax EW-7478APC wireless access point (firmware 1.04) allows remote attackers with low-privilege credentials to execute arbitrary operating system commands by manipulating the rootAPmac parameter in a POST request to /goform/formiNICbasic. A public proof-of-concept exploit is available, materially lowering the barrier to exploitation. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Access device management interface over network
Delivery
Authenticate with low-privilege credentials
Exploit
Craft POST request to /goform/formiNICbasic
Execution
Inject shell metacharacters into rootAPmac parameter
Persist
Trigger OS command execution on firmware
Impact
Achieve full device control

Vulnerability AssessmentAI

Exploitation Exploitation requires network-level access to the EW-7478APC web management interface (TCP port 80 or 443) and a valid low-privilege account on the device (confirmed by PR:L in the CVSS 4.0 vector). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The submitted CVSS 4.0 score of 2.1 (AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L) appears to severely underrate the real-world impact of arbitrary OS command injection on embedded firmware - the low VC/VI/VA ratings are inconsistent with full shell access to a device. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker authenticated to the EW-7478APC web management interface with low-privilege credentials submits a crafted POST request to /goform/formiNICbasic, embedding OS shell metacharacters (e.g., semicolons or backticks) within the rootAPmac field value. The firmware's formiNICbasic handler passes the unsanitized value to a system-level call, causing the injected commands to execute under the web server process's privilege context on the device. …
Remediation No vendor-released patch has been identified at time of analysis - the vendor was unresponsive to disclosure, and no fix version is confirmed from any reference. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-13561 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy