Edimax EW-7438RPn formWpsProxyEnable stack-based overflow
Description
A vulnerability was detected in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the function formWpsProxyEnable of the file /goform/formWpsProxyEnable. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Stack-based buffer overflow in Edimax EW-7438RPn 1.31 via formWpsProxyEnable allows remote attackers to execute arbitrary code.
Vulnerability
A stack-based buffer overflow vulnerability exists in Edimax EW-7438RPn wireless extender firmware version 1.31. The flaw is located in the formWpsProxyEnable function of the /goform/formWpsProxyEnable handler. The submit-url parameter is copied to a fixed-size stack buffer without proper length validation, enabling an attacker to overwrite the return address and hijack execution control. The affected device runs firmware version 1.31.
Exploitation
An unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP POST request to /goform/formWpsProxyEnable with an excessively long submit-url value. No authentication is required if the web interface is reachable over the network. The overflow can be triggered remotely, and a public proof-of-concept exploit is available [1].
Impact
Successful exploitation results in remote code execution with root privileges on the device. This allows the attacker to fully compromise the router, leading to potential disclosure of network traffic, alteration of device settings, and use as a pivot for further attacks.
Mitigation
No official fix or firmware update has been released by Edimax as of the publication date. The vendor did not respond to disclosure attempts [1]. Users should consider isolating or replacing the affected device. No known workarounds exist.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: =1.31
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/wudipjq/my_vuln/blob/main/Edimax/vuln_15/15.mdmitreexploit
- vuldb.com/submit/813899mitrethird-party-advisory
- vuldb.com/vuln/365443mitrevdb-entrytechnical-description
- vuldb.com/vuln/365443/ctimitresignaturepermissions-required
News mentions
0No linked articles in our index yet.