CVE-2026-9348

Summary

A vulnerability was found in Edimax EW-7438RPn up to 1.31. Affected by this vulnerability is an unknown functionality of the file /goform/mp of the component webs. The manipulation of the argument webs results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
EdimaxEW-7438RPn1.0affected
EdimaxEW-7438RPn1.1affected
EdimaxEW-7438RPn1.2affected
EdimaxEW-7438RPn1.3affected
EdimaxEW-7438RPn1.4affected
EdimaxEW-7438RPn1.5affected
EdimaxEW-7438RPn1.6affected
EdimaxEW-7438RPn1.7affected
EdimaxEW-7438RPn1.8affected
EdimaxEW-7438RPn1.9affected
EdimaxEW-7438RPn1.10affected
EdimaxEW-7438RPn1.11affected
EdimaxEW-7438RPn1.12affected
EdimaxEW-7438RPn1.13affected
EdimaxEW-7438RPn1.14affected
EdimaxEW-7438RPn1.15affected
EdimaxEW-7438RPn1.16affected
EdimaxEW-7438RPn1.17affected
EdimaxEW-7438RPn1.18affected
EdimaxEW-7438RPn1.19affected
EdimaxEW-7438RPn1.20affected
EdimaxEW-7438RPn1.21affected
EdimaxEW-7438RPn1.22affected
EdimaxEW-7438RPn1.23affected
EdimaxEW-7438RPn1.24affected
EdimaxEW-7438RPn1.25affected
EdimaxEW-7438RPn1.26affected
EdimaxEW-7438RPn1.27affected
EdimaxEW-7438RPn1.28affected
EdimaxEW-7438RPn1.29affected
EdimaxEW-7438RPn1.30affected
EdimaxEW-7438RPn1.31affected

Weaknesses

  • CWE-121: Stack-based Buffer Overflow
  • CWE-119: Memory Corruption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References