Description
A security vulnerability has been detected in Edimax EW-7438RPn up to 1.31. The impacted element is an unknown function of the file /goform/formWpsStart of the component webs. Such manipulation of the argument pinCode/wlan-url leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-05-24
Score: 8.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A stack-based buffer overflow is present in the /goform/formWpsStart handler of the Edimax EW‑7438RPn firmware when unvalidated pinCode and wlan‑url parameters are received; the flaw is recorded as CWE‑119 and CWE‑121. Manipulating these inputs can corrupt the stack and potentially allow a remote attacker to execute arbitrary code on the device.

Affected Systems

All EW‑7438RPn units with firmware versions up to and including 1.31 are affected. The vulnerability is triggered through the web interface; based on the description, it is inferred that an attacker does not need local access to exploit it.

Risk and Exploitability

The flaw carries a CVSS score of 8.7, indicating high severity, and has an unknown EPSS score. It is not listed in the CISA KEV catalog. Attackers can reach the vulnerable endpoint over the network, likely over standard HTTP/HTTPS, and can gain full control of the device once the buffer overflow is triggered, enabling further compromise of the local network.

Generated by OpenCVE AI on May 24, 2026 at 01:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware update from Edimax that addresses the buffer overflow in the /goform/formWpsStart endpoint as soon as it becomes available.
  • If a patch is not yet released, restrict access to the web management interface by firewall rules or by placing the device on a segregated VLAN and limiting inbound traffic to trusted sources.
  • Disable the WPS feature if it is not required, change the default administrative credentials to strong unique passwords, and regularly review device logs for anomalous activity.

Advisories

No advisories yet.

History

Sun, 24 May 2026 00:30:00 +0000

Type | Values Removed | Values Added
Description | | A security vulnerability has been detected in Edimax EW-7438RPn up to 1.31. The impacted element is an unknown function of the file /goform/formWpsStart of the component webs. Such manipulation of the argument pinCode/wlan-url leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title | | Edimax EW-7438RPn webs formWpsStart stack-based overflow
First Time appeared | | Edimax; Edimax ew-7438rpn
Weaknesses | | CWE-119; CWE-121
CPEs | | cpe:2.3:a:edimax:ew-7438rpn:*:*:*:*:*:*:*:*
Vendors & Products | | Edimax; Edimax ew-7438rpn
References | |
Metrics | | cvssV2_0: {'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}
 | | cvssV3_0: {'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
 | | cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
 | | cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-24T00:00:15.168Z

Reserved: 2026-05-23T08:32:21.210Z

Link: CVE-2026-9344

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-24T02:00:13Z

Weaknesses