PT-2026-42917 · Edimax · Ew-7438Rpn
Yhryhryhr_Miemie
·
Published
2026-05-24
·
Updated
2026-05-24
·
CVE-2026-9359
CVSS v2.0
6.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Edimax EW-7438RPn version 1.28a
Description
A command injection issue exists in the POST Request Handler component. The
formHwSet() function within the '/goform/formHwSet' endpoint is susceptible to this flaw. A remote attacker can trigger this by manipulating several arguments, including Anntena, Mcs, regDomain, nic0Addr, nic1Addr, wlanAddr, wanAddr, wlanSSID, wlanChan, comd, initgain, txcck, and txofdm.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Command Injection
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ew-7438Rpn