CVE-2026-9344
HighSummary
A vulnerability has been identified in Edimax EW-7438RPn devices up to version 1.31, leading to a stack-based buffer overflow. The issue affects an unknown function in the file /goform/formWpsStart of the webs component, where manipulation of the pinCode/wlan-url argument can lead to an attack.
Risk Assessment
An attacker can remotely exploit this vulnerability, posing a serious threat to the security of the organization's network and data. The public disclosure of the exploit increases the risk of attacks.
Recommendation
It is recommended to immediately update devices to the latest firmware version to mitigate this vulnerability. Additionally, network monitoring for suspicious activity should be implemented.
Original NVD description (English source)
A security vulnerability has been detected in Edimax EW-7438RPn up to 1.31. The impacted element is an unknown function of the file /goform/formWpsStart of the component webs. Such manipulation of the argument pinCode/wlan-url leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

