CVE-2026-13562
HIGH
8.8
CVSS 3.1
Description
A flaw has been found in Edimax EW-7478APC 1.04. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Metadata
Severity & Metrics
8.8
HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Edimax | EW-7478APC | — | 1.04 |
CVSS scores (4)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 9.0 | N/D | 2.0 | cna | AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR |
| 8.8 | HIGH | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R |
| 8.8 | HIGH | 3.0 | cna | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R |
| 8.7 | HIGH | 4.0 | cna | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
References (5)
- VDB-374570 | Edimax EW-7478APC POST Request formiNICSiteSurvey buffer overflow https://vuldb.com/vuln/374570
- VDB-374570 | CTI Indicators (IOB, IOC, IOA) https://vuldb.com/vuln/374570/cti
- CVE-2026-13562 | CVE Analysis and Report https://vuldb.com/cve/CVE-2026-13562
- Submit #844112 | EDIMAX EW-7478APC EW-7478APC 1.04 Buffer Overflow https://vuldb.com/submit/844112
- https://lavender-bicycle-a5a.notion.site/EDIMAX-EW-7478APC-formiNICSiteSurvey-34b53a41781f8053af98c2127c476d66?pvs=73