CVE-2026-9459

CVE-2026-9459 affects Edimax EW-7438RPn (v1.31). The vulnerability lies in the formConnectionSetting function (/goform/formConnectionSetting); manipulating max_Conn/timeOut triggers a stack-based buffer overflow. It can be exploited remotely, with exploit activity publicly available and a PROOF-O...

CVE-2026-9344 Edimax EW-7438RPn webs formWpsStart stack-based overflow

A security vulnerability has been detected in Edimax EW-7438RPn up to 1.31. The impacted element is an unknown function of the file /goform/formWpsStart of the component webs. Such manipulation of the argument pinCode/wlan-url leads to stack-based buffer overflow. The attack can be executed...

EUVD-2020-31042

Edimax EW-7438RPn-v3 Mini 1.27 allows unauthenticated attackers to access the /wizardreboot.asp page in unsetup mode, which discloses the Wi-Fi SSID and security key. Attackers can retrieve the wireless password by sending a GET request to this endpoint, exposing sensitive information without...

CVE-2025-14093 Edimax BR-6478AC V3 formTracerouteDiagnosticRun sub_416990 os command injection

A vulnerability was detected in Edimax BR-6478AC V3 1.0.15. Impacted is the function sub416990 of the file /boafrm/formTracerouteDiagnosticRun. The manipulation of the argument host results in os command injection. The attack can be launched remotely. The exploit is now public and may be used. Th...

CVE-2024-7616

A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. It has been rated as critical. Affected by this issue is the function cgiFormString of the file ipcamcgi. The manipulation of the argument host leads to command injection. NOTE: The vendor was contacted early about this...