Edimax EW-7438RPn formSDHCP stack-based overflow
Description
A vulnerability has been found in Edimax EW-7438RPn 1.31. This impacts the function formSDHCP of the file /goform/formSDHCP. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Stack-based buffer overflow in Edimax EW-7438RPn firmware 1.31 allows remote unauthenticated attackers to crash the device or execute arbitrary code via a crafted submit-url parameter.
Vulnerability
The vulnerability is a stack-based buffer overflow in the formSDHCP function of the /goform/formSDHCP endpoint in Edimax EW-7438RPn firmware version 1.31. The submit-url parameter is copied directly into a stack buffer without length validation, allowing an oversized input to overwrite the return address. The affected product is an extender, and the vulnerability is present in the webs binary. [1]
Exploitation
An attacker can exploit this remotely by sending a crafted HTTP POST request to the /goform/formSDHCP endpoint with an overly long submit-url value. No authentication is required, as the PoC shows a request with basic authorization but the vulnerability is reachable without it. The attacker can cause a crash or, with careful payload construction, achieve arbitrary code execution. The exploit has been publicly disclosed. [1]
Impact
Successful exploitation allows an attacker to crash the device (denial of service) or execute arbitrary code with the privileges of the web server process. This could lead to full compromise of the device, including unauthorized access to network traffic or further attacks on the local network. [1]
Mitigation
As of the publication date, the vendor has not responded to disclosure and no patch is available. Users should consider isolating the device from untrusted networks or replacing it if possible. No workaround is provided. The vulnerability is not listed in CISA KEV as of this writing. [1]
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: 1.31
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/wudipjq/my_vuln/blob/main/Edimax/vuln_20/20.mdmitreexploit
- vuldb.com/submit/813904mitrethird-party-advisory
- vuldb.com/vuln/365463mitrevdb-entrytechnical-description
- vuldb.com/vuln/365463/ctimitresignaturepermissions-required
News mentions
0No linked articles in our index yet.