Skip to main content

Edimax EW-7438RPn EUVDEUVD-2026-31573

| CVE-2026-9362 LOW
Command Injection (CWE-77)
2026-05-24 VulDB GHSA-fcv6-974v-wfp4
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Severity Changed
May 26, 2026 - 19:37 NVD
MEDIUM LOW
CVSS changed
May 26, 2026 - 19:37 NVD
6.3 (MEDIUM) 2.1 (LOW)
Analysis Generated
May 24, 2026 - 07:45 vuln.today

DescriptionCVE.org

A security vulnerability has been detected in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting Handler. Such manipulation of the argument max_Conn/timeOut leads to command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Command injection in Edimax EW-7438RPn 1.12 allows authenticated remote attackers to execute arbitrary operating system commands via the max_Conn and timeOut parameters in the formConnectionSetting endpoint. The vulnerability requires low-privilege authentication but no user interaction, with public exploit code available. EPSS data not available; vendor unresponsive to disclosure.

Technical ContextAI

The vulnerability resides in the Setting Handler component's formConnectionSetting function at /goform/formConnectionSetting. This is a classic command injection flaw (CWE-77) where user-supplied input from the max_Conn and timeOut parameters is passed unsanitized to a system shell command interpreter. The affected product is the Edimax EW-7438RPn wireless range extender running firmware version 1.12 (cpe:2.3:a:edimax:ew-7438rpn:*:*:*:*:*:*:*:*). Command injection vulnerabilities in embedded networking devices are particularly severe because they typically run with root privileges and offer direct access to the underlying Linux operating system, enabling full device compromise.

RemediationAI

No vendor-released patch is available for this vulnerability. The vendor (Edimax) did not respond to early disclosure attempts, indicating no official fix is forthcoming. Organizations must implement compensating controls: (1) Disable remote management access to the device's web interface entirely and restrict access to trusted local network segments only - side effect: eliminates remote administration capability; (2) Place devices behind network access controls (firewall rules, VLANs) limiting access to authorized administrator IP addresses only - requires infrastructure changes and may complicate legitimate remote management; (3) Change default administrative credentials to strong unique passwords to mitigate credential-based attacks that provide the required PR:L access - attackers with existing access can still exploit; (4) Monitor device logs for suspicious formConnectionSetting POST requests with unusual max_Conn or timeOut parameter values - requires log aggregation infrastructure; (5) Consider replacing affected devices with actively supported models from vendors with established security response programs. See VulDB entry https://vuldb.com/vuln/365325 for ongoing updates.

CVE-2026-9346 HIGH POC
7.4 May 24

Buffer overflow in Edimax EW-7438RPn WiFi range extender firmware up to version 1.31 enables authenticated remote attack

CVE-2026-9345 HIGH POC
7.4 May 24

Buffer overflow in Edimax EW-7438RPn WiFi range extender firmware versions up to 1.31 enables authenticated remote attac

CVE-2026-9482 HIGH POC
7.4 May 25

Stack-based buffer overflow in the Edimax EW-7438RPn 1.31 wireless range extender allows remote attackers with low-privi

CVE-2026-9481 HIGH POC
7.4 May 25

Stack-based buffer overflow in the Edimax EW-7438RPn Wi-Fi range extender (firmware 1.31) allows remote authenticated at

CVE-2026-9480 HIGH POC
7.4 May 25

Stack-based buffer overflow in the Edimax EW-7438RPn 1.31 Wi-Fi range extender allows remote attackers with low privileg

CVE-2026-9479 HIGH POC
7.4 May 25

Stack-based buffer overflow in the Edimax EW-7438RPn Wi-Fi range extender (firmware 1.31) allows authenticated remote at

CVE-2026-9463 HIGH POC
7.4 May 25

Stack-based buffer overflow in the Edimax EW-7438RPn 1.31 range extender allows remote authenticated attackers to corrup

CVE-2026-9462 HIGH POC
7.4 May 25

Stack-based buffer overflow in the Edimax EW-7438RPn 1.31 wireless range extender enables remote low-privileged attacker

CVE-2026-9461 HIGH POC
7.4 May 25

Stack-based buffer overflow in the Edimax EW-7438RPn Wi-Fi range extender (firmware 1.31) allows remote authenticated at

CVE-2026-9460 HIGH POC
7.4 May 25

Stack-based buffer overflow in Edimax EW-7438RPn 1.31 range extenders allows authenticated remote attackers to corrupt m

CVE-2026-9459 HIGH POC
7.4 May 25

Stack-based buffer overflow in the Edimax EW-7438RPn 1.31 wireless range extender allows remote attackers with low privi

CVE-2026-9427 HIGH POC
7.4 May 25

Stack-based buffer overflow in Edimax EW-7438RPn 1.31 wireless range extenders allows remote authenticated attackers to

Share

EUVD-2026-31573 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy