CVE-2026-13582

The CVE concerns the Edimax EW-7478APC (firmware 1.04) where the POST request handler’s /goform/formUSBAccount function manipulates the UserName/Password arguments, causing a buffer overflow. This vulnerability enables remote execution with network access and was reported as exploitable in the wi...

CVE-2026-13564

Summary: CVE-2026-13564 affects Edimax EW-7478APC firmware 1.04, specifically the POST Request Handler’s formPPPoESetup function. Manipulating the pppUserName argument triggers a stack-based buffer overflow, enabling remote attacker access. Public exploit reportedly exists and the vendor did not ...

EUVD-2026-40073

A flaw has been found in Edimax EW-7478APC 1.04. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. It is possible to initiate the attack remotely. The exploit...

CVE-2026-13561 Edimax EW-7478APC POST Request formiNICbasic os command injection

A vulnerability was detected in Edimax EW-7478APC 1.04. The impacted element is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. The manipulation of the argument rootAPmac results in os command injection. The attack may be performed from remote...