CVE-2026-13583
HIGH
8.8
CVSS 3.1
Description
A vulnerability has been found in Edimax EW-7478APC 1.04. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. Such manipulation of the argument ShareName/SelectName leads to buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Metadata
Severity & Metrics
8.8
HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Edimax | EW-7478APC | — | 1.04 |
CVSS scores (4)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 9.0 | N/D | 2.0 | cna | AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR |
| 8.8 | HIGH | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R |
| 8.8 | HIGH | 3.0 | cna | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R |
| 8.7 | HIGH | 4.0 | cna | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
References (5)
- VDB-374589 | Edimax EW-7478APC POST Request formUSBFolder buffer overflow https://vuldb.com/vuln/374589
- VDB-374589 | CTI Indicators (IOB, IOC, IOA) https://vuldb.com/vuln/374589/cti
- CVE-2026-13583 | CVE Analysis and Report https://vuldb.com/cve/CVE-2026-13583
- Submit #844118 | EDIMAX EW-7478APC EW-7478APC 1.04 Buffer Overflow https://vuldb.com/submit/844118
- https://lavender-bicycle-a5a.notion.site/EDIMAX-EW-7478APC-formUSBFolder-34b53a41781f80d5b1f8ebce442de53f