CVE Catalog

CVE-2026-13562

HighCVSS 8.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.45%

36th percentile — higher than 36% of all known CVEs

Summary

A buffer overflow vulnerability was found in Edimax EW-7478APC version 1.04 in the formiNICSiteSurvey function of the /goform/formiNICSiteSurvey file. Manipulation of the selSSID argument allows remote attack. The exploit has been published and may be used.

Risk Assessment

An attacker can remotely take control of the device, leading to network integrity compromise and potential access to sensitive data.

Recommendation

Immediately disconnect or isolate the device from the network and contact the vendor for a security update.

Original NVD description (English source)

A flaw has been found in Edimax EW-7478APC 1.04. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS