Description
A vulnerability was detected in Edimax EW-7438RPn 1.31. This affects the function formHwSet of the file /goform/formHwSet. The manipulation of the argument Anntena/Mcs/regDomain/nic0Addr/nic1Addr/wlanAddr/wanAddr/wlanSSID/wlanChan/initgain/txcck/txofdm/submit-url results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-05-25
Score: 8.7 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A stack-based buffer overflow exists in the formHwSet function of Edimax EW-7438RPn firmware, triggered by malicious manipulation of several HTTP arguments such as Anntena, Mcs, regDomain, and various network address fields. The flaw can cause the stack to be corrupted, potentially enabling execution of arbitrary code or causing the device to crash. This vulnerability is categorized as CWE-119 and CWE-121 and may be exploited remotely; the CVSS vectors recorded for this entry rate the required privileges as low (PR:L in v3.x and v4.0, Au:S in v2) rather than none.

Affected Systems

The flaw is present in Edimax EW‑7438RPn routers running firmware version 1.31. Only this specific product and version are explicitly mentioned as affected.

Risk and Exploitability

The CVSS score of 8.7 indicates high severity, and the vulnerability is publicly exploitable with no known defensive mitigations from the vendor. Although EPSS data is not available, the public disclosure and lack of vendor response suggest a significant risk. The exploit can be performed remotely by sending crafted HTTP requests to the /goform/formHwSet endpoint, making it a remote code execution risk for administrators who leave the router exposed to untrusted networks.

Generated by OpenCVE AI on May 25, 2026 at 06:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the router firmware to the latest version released by Edimax.
  • If an update is unavailable, block or limit access to the /goform/formHwSet endpoint through firewall rules or by disabling remote management services.
  • Monitor the router’s logs for abnormal access patterns or repeated failed attempts to access the /goform/formHwSet interface.

Generated by OpenCVE AI on May 25, 2026 at 06:20 UTC.

Advisories

No advisories yet.

History

Mon, 25 May 2026 05:15:00 +0000

Values added (no values removed):

  • Description: A vulnerability was detected in Edimax EW-7438RPn 1.31. This affects the function formHwSet of the file /goform/formHwSet. The manipulation of the argument Anntena/Mcs/regDomain/nic0Addr/nic1Addr/wlanAddr/wanAddr/wlanSSID/wlanChan/initgain/txcck/txofdm/submit-url results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
  • Title: Edimax EW-7438RPn formHwSet stack-based overflow
  • First Time appeared: Edimax; Edimax ew-7438rpn
  • Weaknesses: CWE-119, CWE-121
  • CPEs: cpe:2.3:a:edimax:ew-7438rpn:*:*:*:*:*:*:*:*
  • Vendors & Products: Edimax; Edimax ew-7438rpn
  • References: none shown
  • Metrics:
      cvssV2_0: {'score': 9, 'vector': 'AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR'}
      cvssV3_0: {'score': 8.8, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
      cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R'}
      cvssV4_0: {'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-05-25T04:30:09.505Z

Reserved: 2026-05-24T06:59:18.177Z

Link: CVE-2026-9426

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-25T08:00:11Z

Weaknesses