EW-7438RPn 1.31

A stack-based buffer overflow vulnerability (CVE-2026-9481) exists in the formStats function of the /goform/formStats file in Edimax EW-7438RPn version 1.31, allowing a remote attacker to execute arbitrary code by manipulating the submit-url argument.

A stack-based buffer overflow vulnerability (CVE-2026-9479) exists in the formLogout function of the /goform/formLogout file in Edimax EW-7438RPn 1.31, triggered by manipulating the submit-url argument, allowing remote attackers to execute arbitrary code.

Edimax EW-7438RPn version 1.31 is vulnerable to a stack-based buffer overflow in the formLicence function of the /goform/formLicence file, allowing remote attackers to execute arbitrary code by manipulating the submit-url argument; a public exploit is available.

Edimax EW-7438RPn version 1.31 is vulnerable to a stack-based buffer overflow (CVE-2026-9462) in the `formWpsProxyEnable` function of `/goform/formWpsProxyEnable`, triggered by manipulating the `submit-url` argument, allowing remote attackers to execute arbitrary code; a public exploit is available.

A stack-based buffer overflow vulnerability (CVE-2026-9459) exists in the formConnectionSetting function of /goform/formConnectionSetting in Edimax EW-7438RPn 1.31, allowing a remote attacker to execute arbitrary code by manipulating the max_Conn/timeOut arguments, with a public exploit available.

A stack-based buffer overflow vulnerability exists in Edimax EW-7438RPn version 1.31 in the formHwSet function of the /goform/formHwSet file, which can be triggered by manipulating the Anntena/Mcs/regDomain/nic0Addr/nic1Addr/wlanAddr/wanAddr/wlanSSID/wlanChan/initgain/txcck/txofdm/submit-url argument, potentially leading to remote code execution.