CVE-2026-9460

8.8 HIGH

A weakness has been identified in Edimax EW-7438RPn 1.31

Published: 2026-05-25 · Last updated: 2026-05-26

Severity and scoring

CVSS: 8.8 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-119, CWE-121

Description

A weakness has been identified in Edimax EW-7438RPn 1.31. This impacts the function formAccept of the file /goform/formAccept. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-9460
[Other]https://github.com/wudipjq/my_vuln/blob/main/Edimax/vuln_13/13.md
[Other]https://vuldb.com/submit/813897
[Other]https://vuldb.com/vuln/365441
[Other]https://vuldb.com/vuln/365441/cti

Related CVEs

Same CWE

CVE-2026-12330 — Incorrect boundary conditions in the Internationalization component (5.4 MEDIUM)
CVE-2026-12329 — Memory safety bug fixed in Thunderbird ESR 140.12 (5.3 MEDIUM)
CVE-2026-12327 — Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151 (7.3 HIGH)
CVE-2026-12326 — Memory safety bugs present in Firefox 151 and Thunderbird 151 (7.3 HIGH)
CVE-2026-12318 — Incorrect boundary conditions in the Libraries component in NSS (7.3 HIGH)