Description
An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell commands directly, resulting in command execution as the root user. Exploitation evidence was observed by the Shadowserver Foundation on 2024-09-14 UTC.
Published: 2025-06-20
Score: 9.4 Critical
EPSS: 5.4% Low
KEV: No
Impact: Remote Command Execution as root
Action: Immediate Patch
AI Analysis

Impact

An OS command‑injection flaw exists in the Edimax EW‑7438RPn Mini Wi‑Fi range extenders running firmware version 1.13 and older. The syscmd.asp form handler in the /goform/formSysCmd endpoint fails to validate the sysCmd parameter, allowing a remote authenticated attacker to inject arbitrary shell commands. Successful exploitation executes these commands locally with root privileges, giving the attacker full control of the device’s operating system.

Affected Systems

Affected devices are the Edimax EW‑7438RPn Mini Wi‑Fi range extenders with firmware 1.13 or earlier. The CNA identifies these models as Edimax:Edimax EW‑7438RPn Mini. The first evidence of field exploitation was recorded by the Shadowserver Foundation on 2024‑09‑14 UTC.

Risk and Exploitability

The CVSS score of 9.4 indicates a critical vulnerability and the EPSS score of 5% suggests a notable probability of exploitation. The vulnerability is not listed in the CISA KEV catalog, but root‑level code execution represents a high‑priority threat. The missing input validation is an OS command‑injection weakness (CWE‑78). The likely attack vector is the device’s remote management interface after an authenticated session is established, commonly via default or compromised credentials; the vulnerability can therefore be triggered from within the local network or by any remote user who can log in.

Generated by OpenCVE AI on April 28, 2026 at 18:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the Edimax EW‑7438RPn Mini to the latest firmware that removes the syscmd.asp vulnerability.
  • Limit the device’s network exposure by isolating it from untrusted networks or disabling remote management features if they are unnecessary.
  • Ensure the device’s administrative credentials are changed immediately from the defaults and use strong, unique passwords.



Advisories
Source: EUVD
ID: EUVD-2025-18775
Title: An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell commands directly, resulting in command execution as the root user.

History

Thu, 20 Nov 2025 21:30:00 +0000

Type: Description
Values Removed: An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell commands directly, resulting in command execution as the root user. Exploitation evidence was observed by the Shadowserver Foundation on 2025-10-07 UTC.
Values Added: An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell commands directly, resulting in command execution as the root user. Exploitation evidence was observed by the Shadowserver Foundation on 2024-09-14 UTC.

Thu, 20 Nov 2025 16:00:00 +0000

Type: Description
Values Removed: An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell commands directly, resulting in command execution as the root user.
Values Added: An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell commands directly, resulting in command execution as the root user. Exploitation evidence was observed by the Shadowserver Foundation on 2025-10-07 UTC.

Type: Title
Values Removed: Edimax EW-7438RPn Mini OS Command Injection
Values Added: Edimax EW-7438RPn Mini OS Command Injection via syscmd.asp

Wed, 19 Nov 2025 12:15:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Edimax ew-7438rpn Mini V2

Type: CPEs
Values Removed: (none)
Values Added: cpe:2.3:h:edimax:ew-7438rpn_mini_v2:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Removed: (none)
Values Added: Edimax ew-7438rpn Mini V2

Tue, 23 Sep 2025 15:45:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Edimax ew-7438rpn Mini Firmware

Type: CPEs
Values Removed: (none)
Values Added:
cpe:2.3:h:edimax:ew-7438rpn_mini:-:*:*:*:*:*:*:*
cpe:2.3:o:edimax:ew-7438rpn_mini_firmware:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Removed: (none)
Values Added: Edimax ew-7438rpn Mini Firmware

Type: Metrics
Values Removed: (none)
Values Added: cvssV3_1 {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}


Mon, 23 Jun 2025 21:15:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 20 Jun 2025 19:00:00 +0000

Type: Description
Values Removed: (none)
Values Added: An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell commands directly, resulting in command execution as the root user.

Type: Title
Values Removed: (none)
Values Added: Edimax EW-7438RPn Mini OS Command Injection

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-78

Type: References

Type: Metrics
Values Removed: (none)
Values Added: cvssV4_0 {'score': 9.4, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-07T14:09:04.132Z

Reserved: 2025-04-15T19:15:22.546Z

Link: CVE-2025-34029

Vulnrichment

Updated: 2025-06-23T20:41:23.047Z

NVD

Status: Modified

Published: 2025-06-20T19:15:37.210

Modified: 2025-11-20T22:15:55.260

Link: CVE-2025-34029

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T19:00:20Z

Weaknesses