CVE-2026-9362 | Edimax EW-7438RPn 1.12 Setting formConnectionSetting max_Conn/timeOut command injection

A vulnerability categorized as critical has been discovered in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting Handler. Such manipulation of the argument max_Conn/timeOut leads to command injection.

This vulnerability is traded as CVE-2026-9362. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-9362 | Edimax EW-7438RPn 1.12 Setting formConnectionSetting max_Conn/timeOut command injection

Post correlati

CVE-2024-2555 | SourceCodester Employee Task Management System 1.0 update-admin.php admin_id sql injection

CVE-2026-33446 | Absolute Secure Access up to 14.49 buffer overflow

CVE-2024-8023 | chillzhuang SpringBlade 4.1.0 list sql injection

CVE-2024-39930 | Gogs up to 0.13.0 SSH Connection internal/ssh/ssh.go argument injection