CVE-2026-9347 | Edimax EW-7438RPn up to 1.31 webs /goform/formWizSurvey ip/mask/gateway os command injection

Inserito da Angelo Barbosa | Mag 23, 2026 | CVE

A vulnerability was found in Edimax EW-7438RPn up to 1.31. It has been rated as critical. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection.

This vulnerability is traded as CVE-2026-9347. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-9347 | Edimax EW-7438RPn up to 1.31 webs /goform/formWizSurvey ip/mask/gateway os command injection

Post correlati

CVE-2024-7351 | Simple Job Board Plugin up to 2.12.3 on WordPress code injection

CVE-2026-20675 | Apple macOS/watchOS/visionOS/iOS/iPadOS/tvOS up to 26.2 Image Parser memory corruption

CVE-2024-51428 | Espressif ESP-IDF 5.3.0 Channel Packet denial of service

CVE-2026-4965 | letta-ai letta 0.16.4 Incomplete Fix CVE-2025-6101 ast_parsers.py resolve_type eval injection