CVE-2026-9348

8.8 HIGH

A vulnerability was found in Edimax EW-7438RPn up to 1.31

Published: 2026-05-24 · Last updated: 2026-05-26

Severity and scoring

CVSS: 8.8 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-119, CWE-121

Description

A vulnerability was found in Edimax EW-7438RPn up to 1.31. Affected by this vulnerability is an unknown functionality of the file /goform/mp of the component webs. The manipulation of the argument webs results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-9348
[Other]https://github.com/wudipjq/my_vuln/blob/main/Edimax/vuln_6/6.md
[Other]https://vuldb.com/submit/813890
[Other]https://vuldb.com/vuln/365311
[Other]https://vuldb.com/vuln/365311/cti

Related CVEs

Same CWE

CVE-2026-12330 — Incorrect boundary conditions in the Internationalization component (5.4 MEDIUM)
CVE-2026-12329 — Memory safety bug fixed in Thunderbird ESR 140.12 (5.3 MEDIUM)
CVE-2026-12327 — Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151 (7.3 HIGH)
CVE-2026-12326 — Memory safety bugs present in Firefox 151 and Thunderbird 151 (7.3 HIGH)
CVE-2026-12318 — Incorrect boundary conditions in the Libraries component in NSS (7.3 HIGH)