CVE-2026-9363 | Edimax EW-7438RPn 1.12 POST Request formEZCHNwlanSetu formEZCHNwlanSetup method command injection

A vulnerability identified as critical has been detected in Edimax EW-7438RPn 1.12. This issue affects the function formEZCHNwlanSetup of the file /goform/formEZCHNwlanSetu of the component POST Request Handler. Performing a manipulation of the argument method results in command injection.

This vulnerability is known as CVE-2026-9363. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-9363 | Edimax EW-7438RPn 1.12 POST Request formEZCHNwlanSetu formEZCHNwlanSetup method command injection

Post correlati

CVE-2024-22223 | Dell Unity up to 5.3 svc_cbr os command injection (dsa-2024-042)

CVE-2025-12339 | Campcodes Retro Basketball Shoes Online Store 1.0 admin_football.php pid sql injection

CVE-2024-3242 | Brizy Plugin up to 2.4.44 on WordPress unrestricted upload

CVE-2024-12231 | CodeZips Project Management System 1.0 /index.php email sql injection