Skip to main content

Edimax EW-7478APC EUVDEUVD-2026-40073

| CVE-2026-13562 HIGH
Buffer Overflow (CWE-119)
2026-06-29 cna@vuldb.com GHSA-7257-9x75-2ph5
7.4
CVSS 4.0 · Vendor: vuldb
Share

Severity by source

Vendor (vuldb) PRIMARY
7.4 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
8.8 HIGH

Network-reachable goform handler needs a low-privilege authenticated session (PR:L) and no user interaction; memory corruption yields full device C/I/A impact with unchanged scope.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (vuldb).

CVSS VectorVendor: vuldb

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 29, 2026 - 12:32 vuln.today

DescriptionCVE.org

A flaw has been found in Edimax EW-7478APC 1.04. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Memory corruption in the Edimax EW-7478APC wireless access point (firmware 1.04) lets a remote, low-privileged user overflow a buffer by submitting an oversized selSSID value to the /goform/formiNICSiteSurvey POST handler. Publicly available exploit code exists, and the vendor did not respond to disclosure, leaving deployed devices without an official fix. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach web UI with low-priv credentials
Delivery
Craft POST to /goform/formiNICSiteSurvey
Exploit
Send oversized selSSID parameter
Execution
Overflow fixed-size buffer
Persist
Corrupt process memory
Impact
Crash device or execute code

Vulnerability AssessmentAI

Exploitation Exploitation requires network access to the device's web management interface plus a valid low-privileged authenticated session (CVSS PR:L) - the attacker must be able to reach and POST to the /goform/formiNICSiteSurvey endpoint and supply an attacker-controlled selSSID value, with the specific trigger being an oversized selSSID argument. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The vendor-supplied CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H) scores 7.4 (High): network-reachable, low complexity, no user interaction, and full confidentiality/integrity/availability impact on the device - but PR:L means a valid low-privilege session on the management interface is required, which meaningfully shrinks the attacker population versus a pre-auth bug. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained low-privilege access to the EW-7478APC web UI (e.g., via default or weak credentials, or a device left reachable on a flat network) sends a crafted POST request to /goform/formiNICSiteSurvey with an overlong selSSID parameter. The oversized value overflows the handler's buffer, crashing the management process (denial of service) or, with a tailored payload, redirecting execution to run attacker code on the device. …
Remediation No vendor-released patch identified at time of analysis - the vendor was contacted early but did not respond, and no fixed firmware version is published in the available data. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

24 hours: Inventory all Edimax EW-7478APC units in production, confirm firmware version 1.04 deployment status, assess network criticality, and restrict administrative access to affected devices. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-40073 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy