CVE-2026-13582 | Edimax EW-7478APC 1.04 POST Request /goform/formUSBAccount UserName/Password buffer overflow

A vulnerability has been found in Edimax EW-7478APC 1.04 and classified as critical. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. This manipulation of the argument UserName/Password causes buffer overflow.

This vulnerability is tracked as CVE-2026-13582. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-13582 | Edimax EW-7478APC 1.04 POST Request /goform/formUSBAccount UserName/Password buffer overflow

Post correlati

CVE-2025-9719 | O2OA up to 10.0-410 Personal Profile Page script name/alias/description/applicationName cross site scripting (Issue 185)

CVE-2025-22567 | TRUSTist REVIEWer Plugin up to 2.0 on WordPress cross site scripting

CVE-2024-3799 | Phoniebox up to 2.7 Header Parameter os command injection

CVE-2023-38522 | Apache Traffic Server up to 8.1.10/9.2.4 Field Name request smuggling