Skip to main content

Edimax EW-7478APC EUVDEUVD-2026-40075

| CVE-2026-13564 HIGH
Buffer Overflow (CWE-119)
2026-06-29 cna@vuldb.com GHSA-j79x-62f4-fvpw
7.4
CVSS 4.0 · Vendor: vuldb
Share

Severity by source

Vendor (vuldb) PRIMARY
7.4 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
8.8 HIGH

Network-reachable web handler (AV:N) with low complexity, but the formPPPoESetup config endpoint requires low-privilege management access (PR:L); buffer overflow yields full compromise potential, so C/I/A:H.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (vuldb).

CVSS VectorVendor: vuldb

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 29, 2026 - 12:31 vuln.today

DescriptionCVE.org

A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Stack-based buffer overflow in the Edimax EW-7478APC wireless access point (firmware 1.04) lets remote attackers corrupt memory via an oversized pppUserName parameter sent to the formPPPoESetup handler at /goform/formPPPoESetup, potentially leading to crash or arbitrary code execution on the device. Publicly available exploit code exists, but there is no public exploit identified as actively used in the wild. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate to AP web interface
Delivery
Craft POST to /goform/formPPPoESetup
Exploit
Overflow pppUserName stack buffer
Execution
Overwrite saved return address
Impact
Execute code or crash device

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to reach the device's HTTP management interface and submit a POST request to the /goform/formPPPoESetup handler with a manipulated pppUserName argument; per the CVSS vector (PR:L) the attacker needs low-level privileges/authentication to that interface, so it is not anonymous. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The vendor-supplied CVSS 4.0 base score is 7.4 with vector AV:N/AC:L/AT:N/PR:L/UI:N and high confidentiality/integrity/availability impact, and the E:P (Proof-of-Concept) threat metric confirms exploit code exists. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with low-level access to the access point's web management interface (for example via default or weak credentials, or an existing operator session) sends a crafted POST request to /goform/formPPPoESetup containing an overlong pppUserName value. The oversized value overflows a fixed-size stack buffer, overwriting the saved return address and crashing the device or, on firmware lacking stack protections, redirecting execution to attacker-controlled code. …
Remediation No vendor-released patch identified at time of analysis - Edimax was contacted early in the disclosure process but did not respond, so no fixed firmware version exists to cite. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

24 hours: Audit inventory for Edimax EW-7478APC devices running firmware 1.04; catalog which network user accounts have authentication access to these devices. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-40075 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy