Edimax EW-7438RPn
- <= 1.31
A stack-based buffer overflow vulnerability has been identified in the Edimax EW-7438RPn range extender, affecting versions through 1.31. The issue arises in the webs component, specifically within the '/goform/mp' file. The vulnerability can be exploited remotely by manipulating the 'webs' argument, leading to a crash of the device. The input validation is inadequate, allowing overly long data to overwrite the stack's return address, which could potentially be leveraged to execute arbitrary code.
Exploitation of this vulnerability causes the device to crash, disrupting its normal functioning and service availability.
The vulnerability can be reproduced by sending a POST request to '/goform/mp' with a 'command' parameter that contains a long string. The oversized value overflows the stack buffer and the device crashes.
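For detection, the request shape described above can be matched in captured HTTP traffic or at a reverse proxy in front of the management interface. The following is an added example, not code from the vendor or from the original advisory; the 256-byte limit, the function names and the sample requests are assumptions constructed for illustration.

```python
from urllib.parse import parse_qsl, urlsplit

TARGET_PATH = "/goform/mp"  # endpoint named in the advisory
# Assumption: the advisory gives no buffer size, so this limit is a tunable
# placeholder set well above the length of ordinary form values.
MAX_PARAM_LEN = 256

def inspect_request(raw: bytes, max_len: int = MAX_PARAM_LEN) -> list[str]:
    """Return one finding per oversized form parameter; empty list means no alert."""
    head, _, body = raw.partition(b"\r\n\r\n")
    parts = head.split(b"\r\n", 1)[0].decode("latin-1").split(" ")
    if len(parts) < 2:
        return []  # not a parseable request line
    method, target = parts[0], parts[1]
    # Ignore any query string and trailing slash when matching the endpoint.
    path = urlsplit(target).path.rstrip("/")
    if method.upper() != "POST" or path != TARGET_PATH:
        return []
    findings = []
    # latin-1 maps each decoded byte to one character, so len() gives the
    # byte length of the value after percent-decoding.
    pairs = parse_qsl(body.decode("latin-1"), keep_blank_values=True,
                      encoding="latin-1")
    for name, value in pairs:
        if len(value) > max_len:
            findings.append(f"{name}: {len(value)} bytes exceeds limit {max_len}")
    return findings

def sample(target: str, body: str) -> bytes:
    """Build a constructed request for testing the check (never sent anywhere)."""
    head = (f"POST {target} HTTP/1.1\r\nHost: 192.0.2.1\r\n"
            "Content-Type: application/x-www-form-urlencoded\r\n"
            f"Content-Length: {len(body)}\r\n\r\n")
    return (head + body).encode("latin-1")

# Constructed samples: the values and the second path are illustrative only.
BENIGN = sample("/goform/mp", "command=test")
OVERLONG = sample("/goform/mp", "command=" + "A" * 600)
ENCODED = sample("/goform/mp?x=1", "command=" + "%41" * 300)
OTHER_PATH = sample("/goform/example", "command=" + "A" * 600)

if __name__ == "__main__":
    for label, req in [("benign", BENIGN), ("overlong", OVERLONG),
                       ("encoded", ENCODED), ("other path", OTHER_PATH)]:
        print(label, inspect_request(req) or "no alert")
```

The check measures every form parameter rather than only 'command', so it also covers the 'webs' argument named in the description, and it measures length after percent-decoding so an encoded value cannot slip under the limit.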