PT-2026-43003 · Edimax · Ew-7438Rpn

·

CVE-2026-9425

·

Published

2026-04-27

·

Updated

2026-05-25

CVSS v2.0

9.0

High

VectorAV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Edimax EW-7438RPn version 1.31
Description A stack-based buffer overflow occurs in the formWlanMP() function within the '/goform/formWlanMP' endpoint. This issue is triggered by the manipulation of several arguments, including ateFunc, ateGain, ateTxCount, ateChan, ateRate, ateMacID, e2pTxPower1, e2pTxPower2, e2pTxPower3, e2pTxPower4, e2pTxPower5, e2pTxPower6, e2pTxPower7, e2pTx2Power1, e2pTx2Power2, e2pTx2Power3, e2pTx2Power4, e2pTx2Power5, e2pTx2Power6, e2pTx2Power7, ateTxFreqOffset, ateMode, ateBW, ateAntenna, e2pTxFreqOffset, e2pTxPwDeltaB, e2pTxPwDeltaG, e2pTxPwDeltaMix, e2pTxPwDeltaN, and readE2P. Remote exploitation is possible.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Stack Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

BDU:2026-07285
CVE-2026-9425

Affected Products

Ew-7438Rpn