CVE-2026-9362

CVE-2026-9362: Edimax EW-7438RPn firmware 1.12 has a command-injection in the Setting Handler’s formConnectionSetting (/goform/formConnectionSetting). Manipulating max_Conn/timeOut parameters can lead to remote execution. Attack vector is network with low complexity; authentication required is LO...

EUVD-2026-31574

A weakness has been identified in Edimax EW-7438RPn 1.12. This affects the function formAccept of the file /goform/formAccep of the component POST Request Handler. This manipulation of the argument submit-url causes command injection. The attack may be initiated remotely. The exploit has been mad...

CVE-2026-9361 Edimax EW-7438RPn POST Request formAccep formAccept command injection

A weakness has been identified in Edimax EW-7438RPn 1.12. This affects the function formAccept of the file /goform/formAccep of the component POST Request Handler. This manipulation of the argument submit-url causes command injection. The attack may be initiated remotely. The exploit has been mad...

CVE-2026-9360 Edimax EW-7438RPn POST Request formwlencrypt24g buffer overflow

A security flaw has been discovered in Edimax EW-7438RPn 1.28a. Affected by this issue is the function formwlencrypt24g of the file /goform/formwlencrypt24g of the component POST Request Handler. The manipulation of the argument key1 results in buffer overflow. The attack can be launched remotely...

CVE-2026-9359

A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...

CVE-2026-9359 Edimax EW-7438RPn POST Request formHwSet command injection

A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...

EUVD-2026-31570

A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...

CVE-2026-9359 Edimax EW-7438RPn POST Request formHwSet command injection

A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...

CVE-2026-9359

The CVE-2026-9359 entry concerns Edimax EW-7438RPn firmware version 1.28a. The vulnerability affects the POST Request Handler’s function formHwSet in /goform/formHwSet, where manipulating arguments (Anntena, Mcs, regDomain, nic0Addr, nic1Addr, wlanAddr, wanAddr, wlanSSID, wlanChan, comd, initgain...

PT-2026-42968

Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap...

Hermes Agent 安全漏洞

Hermes Agent is an AI agent tool developed by Nous Research, featuring self-learning capabilities. Versions of Hermes Agent prior to 2026.4.16 contained a security vulnerability. This vulnerability stemmed from improper handling of the executecode function in the Environment Variable Handler...

PT-2026-42918

Name of the Vulnerable Software and Affected Versions Edimax EW-7438RPn version 1.28a Description A buffer overflow can be triggered remotely via the POST Request Handler component. The issue exists in the formwlencrypt24g function within the '/goform/formwlencrypt24g' endpoint when manipulating...

PT-2026-42911

A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.23. Impacted is an unknown function of the file agent/skills guard.py of the component Skills Guard Multi-Word Prompt Handler. The manipulation of the argument THREAT PATTERNS leads to injection. Remote...

PT-2026-42919

Name of the Vulnerable Software and Affected Versions Edimax EW-7438RPn version 1.12 Description A command injection flaw exists in the POST Request Handler component. A remote attacker can trigger this issue by manipulating the submit-url argument within the formAccept function of the...

Hermes Agent 访问控制错误漏洞

Hermes Agent is an AI agent tool developed by Nous Research, featuring self-learning capabilities. Versions of Hermes Agent prior to 2026.4.23 contained a access control vulnerability. This vulnerability originated from the makerunenv function in the tools/environments/local.py file of the...

Edimax EW-7438RPn 安全漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. The Edimax EW-7438RPn version 1.28a has a security vulnerability. This vulnerability stems from improper handling of the parameter “key1” by the formwlencrypt24g function in the component POST Request Handler...

Edimax EW-7438RPn 命令注入漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. Version 1.12 of the Edimax EW-7438RPn contains a command injection vulnerability. This vulnerability stems from improper handling of the parameter “method” in the function formEZCHNwlanSetup of the component...

PT-2026-42928

Name of the Vulnerable Software and Affected Versions hermes-agent versions prior to 2026.4.17 Description A remote attack can be launched against the Environment Variable Handler component. The issue resides in the execute code function within the tools/code execution tool.py file, where...

Besen BS20 EV Charging Station 授权问题漏洞

The Besen BS20 EV Charging Station is an AC electric vehicle wall-mounted charging station developed by the Chinese company Besen. The version of the Besen BS20 EV Charging Station dated 20260426 and earlier contained an authorization issue vulnerability. This vulnerability stemmed from improper...

Edimax EW-7438RPn 命令注入漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. The Edimax EW-7438RPn version 1.28a has a command injection vulnerability. This vulnerability stems from improper handling of parameters such as...