VYPR
Unrated severity · NVD Advisory · Published May 25, 2026

Edimax EW-7438RPn formConnectionSetting stack-based overflow

CVE-2026-9459

Description

A security flaw has been discovered in Edimax EW-7438RPn 1.31. This affects the function formConnectionSetting of the file /goform/formConnectionSetting. Performing a manipulation of the argument max_Conn/timeOut results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A remote attacker can trigger a stack-based buffer overflow in Edimax EW-7438RPn 1.31 via the formConnectionSetting function, leading to code execution or a crash.

Vulnerability

A stack-based buffer overflow exists in the /goform/formConnectionSetting handler of the Edimax EW-7438RPn firmware version 1.31. The function formConnectionSetting copies user-supplied data from the HTTP POST parameters max_Conn and timeOut directly onto the stack without length checking, allowing an oversized value to overwrite the return address and adjacent memory [1].
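The bug class described above, next to a bounded alternative, as an added example that is not the firmware's code. The 16-byte buffer, the numeric meaning of max_Conn and timeOut, the value ranges and all function names are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

#define FIELD_MAX_DIGITS 5   /* assumed: valid values fit in 5 decimal digits */

struct conn_settings { unsigned long max_conn, time_out; };

/* Bug class (illustrative, hypothetical): unbounded copy of a request
 * parameter into a fixed-size stack buffer. */
int unsafe_store(const char *param)
{
    char buf[16];                    /* assumed size */
    strcpy(buf, param);              /* overflows when strlen(param) >= 16 */
    return atoi(buf);
}

/* Hardened form: never copies the raw value. Reads at most
 * FIELD_MAX_DIGITS + 1 bytes, accepts digits only, then range-checks.
 * Returns 0 on success, -1 on rejection. */
int parse_field(const char *param, unsigned long lo, unsigned long hi,
                unsigned long *out)
{
    unsigned long v = 0;
    size_t len = 0;
    if (param == NULL)
        return -1;
    for (; param[len] != '\0'; len++) {
        if (param[len] < '0' || param[len] > '9' || len >= FIELD_MAX_DIGITS)
            return -1;               /* non-digit or oversized: stop reading */
        v = v * 10 + (unsigned long)(param[len] - '0');
    }
    if (len == 0 || v < lo || v > hi)
        return -1;
    *out = v;
    return 0;
}

/* Validates both parameters; cfg is written only when both pass. */
int handle_connection_setting(const char *max_conn, const char *time_out,
                              struct conn_settings *cfg)
{
    struct conn_settings tmp = {0, 0};
    if (parse_field(max_conn, 1, 4096, &tmp.max_conn) != 0 ||   /* assumed range */
        parse_field(time_out, 1, 86400, &tmp.time_out) != 0)    /* assumed range */
        return -1;
    *cfg = tmp;
    return 0;
}

int main(void)
{
    struct conn_settings cfg;
    return handle_connection_setting("32", "600", &cfg);   /* 0: accepted */
}
```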

Exploitation

The attacker can send a crafted HTTP POST request to the device's /goform/formConnectionSetting endpoint containing an excessively long max_Conn or timeOut parameter. No prior authentication is required; the exploit is performed remotely and a public proof-of-concept (PoC) that crashes the router with a long max_Conn payload has been released [1]. The PoC uses a single POST request with the vulnerable parameter set to a repeating pattern (aaa…) to trigger the overflow.

Impact

Successful exploitation can cause a denial of service (device crash) or, with a carefully crafted payload, arbitrary code execution at the privilege level of the web server process. This can lead to full compromise of the extender's functionality, including potential lateral movement on the network [1].

Mitigation

The vendor (Edimax) was contacted but did not respond. As of the publication date (2026-05-25), no official patch or fixed firmware version has been released [1]. Until a fix is available, users should isolate the device on a trusted network segment and restrict remote access (e.g., disable WAN-side administration). The device is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog as of this writing.

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

0

No patches discovered yet.

References

4
