{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/edimax/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-9481"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["EW-7438RPn 1.31"],"_cs_severities":["critical"],"_cs_tags":["cve","cve-2026-9481","buffer overflow","edimax","stack overflow"],"_cs_type":"threat","_cs_vendors":["Edimax"],"content_html":"\u003cp\u003eA critical stack-based buffer overflow vulnerability, identified as CVE-2026-9481, has been discovered in Edimax EW-7438RPn version 1.31. This vulnerability resides within the \u003ccode\u003eformStats\u003c/code\u003e function located in the \u003ccode\u003e/goform/formStats\u003c/code\u003e file. The vulnerability stems from improper input validation of the \u003ccode\u003esubmit-url\u003c/code\u003e argument, allowing a remote attacker to potentially overwrite parts of the stack. Publicly available exploit code exists, increasing the risk of widespread exploitation. The vendor was notified but did not respond, increasing the urgency for users to apply mitigations.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker sends a specially crafted HTTP request to the Edimax EW-7438RPn device.\u003c/li\u003e\n\u003cli\u003eThe HTTP request targets the \u003ccode\u003e/goform/formStats\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe request includes the \u003ccode\u003esubmit-url\u003c/code\u003e argument with a value exceeding the expected buffer size.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eformStats\u003c/code\u003e function processes the \u003ccode\u003esubmit-url\u003c/code\u003e argument without proper bounds checking.\u003c/li\u003e\n\u003cli\u003eThe excessive length of the \u003ccode\u003esubmit-url\u003c/code\u003e argument causes a buffer overflow on the stack.\u003c/li\u003e\n\u003cli\u003eThe attacker overwrites critical data on the stack, such as the return address.\u003c/li\u003e\n\u003cli\u003eUpon function return, control is redirected to an address specified by the attacker.\u003c/li\u003e\n\u003cli\u003eThe attacker executes arbitrary code on the device, potentially gaining full control.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-9481 allows a remote attacker to execute arbitrary code on the vulnerable Edimax EW-7438RPn device. Given the device\u0026rsquo;s likely placement as a network gateway or access point, this could lead to complete compromise of the network, data exfiltration, or denial-of-service conditions. The number of affected devices is unknown, but the existence of public exploit code increases the likelihood of widespread attacks targeting this vulnerability.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect CVE-2026-9481 Exploitation Attempt via Long submit-url\u0026rdquo; to identify potential exploitation attempts in web server logs.\u003c/li\u003e\n\u003cli\u003eMonitor webserver logs for abnormal POST requests to the \u003ccode\u003e/goform/formStats\u003c/code\u003e endpoint, looking for unusually long submit-url parameters.\u003c/li\u003e\n\u003cli\u003eApply network intrusion detection rules that look for patterns indicative of buffer overflow attempts in HTTP requests targeting Edimax EW-7438RPn devices.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-26T14:48:18Z","date_published":"2026-05-26T14:48:18Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-9481-edimax-overflow/","summary":"A stack-based buffer overflow vulnerability (CVE-2026-9481) exists in the formStats function of the /goform/formStats file in Edimax EW-7438RPn version 1.31, allowing a remote attacker to execute arbitrary code by manipulating the submit-url argument.","title":"Edimax EW-7438RPn Stack-Based Buffer Overflow Vulnerability (CVE-2026-9481)","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-9481-edimax-overflow/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-9463"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["EW-7438RPn 1.31"],"_cs_severities":["high"],"_cs_tags":["cve","buffer_overflow","edimax"],"_cs_type":"threat","_cs_vendors":["Edimax"],"content_html":"\u003cp\u003eCVE-2026-9463 describes a stack-based buffer overflow vulnerability affecting Edimax EW-7438RPn version 1.31. The vulnerability resides in the \u003ccode\u003eformLicence\u003c/code\u003e function within the \u003ccode\u003e/goform/formLicence\u003c/code\u003e file. A remote attacker can trigger this vulnerability by manipulating the \u003ccode\u003esubmit-url\u003c/code\u003e argument, potentially leading to arbitrary code execution. The vendor has been notified but has not responded. Publicly available exploit code exists, increasing the risk of exploitation. This vulnerability matters to defenders because it allows unauthenticated attackers to compromise the device remotely, potentially gaining control of the network it serves.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker sends a crafted HTTP request to the \u003ccode\u003e/goform/formLicence\u003c/code\u003e endpoint of the Edimax EW-7438RPn device.\u003c/li\u003e\n\u003cli\u003eThe request includes a malicious \u003ccode\u003esubmit-url\u003c/code\u003e argument containing a string longer than the allocated buffer size within the \u003ccode\u003eformLicence\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eThe device processes the HTTP request and calls the \u003ccode\u003eformLicence\u003c/code\u003e function with the attacker-controlled \u003ccode\u003esubmit-url\u003c/code\u003e argument.\u003c/li\u003e\n\u003cli\u003eDue to insufficient bounds checking, the oversized \u003ccode\u003esubmit-url\u003c/code\u003e argument overwrites the stack buffer.\u003c/li\u003e\n\u003cli\u003eThe attacker precisely crafts the overflow to overwrite critical data on the stack, such as the return address.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eformLicence\u003c/code\u003e function completes its execution and attempts to return.\u003c/li\u003e\n\u003cli\u003eInstead of returning to the legitimate caller, the overwritten return address redirects execution to attacker-controlled code.\u003c/li\u003e\n\u003cli\u003eThe attacker gains arbitrary code execution on the device, potentially leading to full system compromise.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-9463 allows a remote attacker to execute arbitrary code on the Edimax EW-7438RPn device. Given the nature of buffer overflows, this can result in complete system compromise, allowing the attacker to control the device, potentially pivot to other devices on the network, and intercept or manipulate network traffic. The vulnerability affects Edimax EW-7438RPn version 1.31. The number of affected devices is unknown, but exploitation could lead to widespread disruption of home and small business networks.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect CVE-2026-9463 Exploitation Attempt\u003c/code\u003e to detect malicious HTTP requests targeting the vulnerable endpoint and argument.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for suspicious requests to \u003ccode\u003e/goform/formLicence\u003c/code\u003e containing unusually long \u003ccode\u003esubmit-url\u003c/code\u003e parameters to identify potential exploitation attempts.\u003c/li\u003e\n\u003cli\u003eSince no patch is available, consider replacing the affected Edimax EW-7438RPn device with a more secure alternative.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-26T14:39:34Z","date_published":"2026-05-26T14:39:34Z","id":"https://feed.craftedsignal.io/briefs/2026-05-edimax-overflow/","summary":"Edimax EW-7438RPn version 1.31 is vulnerable to a stack-based buffer overflow in the formLicence function of the /goform/formLicence file, allowing remote attackers to execute arbitrary code by manipulating the submit-url argument; a public exploit is available.","title":"Edimax EW-7438RPn Stack-Based Buffer Overflow Vulnerability (CVE-2026-9463)","url":"https://feed.craftedsignal.io/briefs/2026-05-edimax-overflow/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-9462"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["EW-7438RPn 1.31"],"_cs_severities":["high"],"_cs_tags":["cve","buffer overflow","edimax"],"_cs_type":"advisory","_cs_vendors":["Edimax"],"content_html":"\u003cp\u003eA stack-based buffer overflow vulnerability, identified as CVE-2026-9462, affects Edimax EW-7438RPn version 1.31. The vulnerability resides within the \u003ccode\u003eformWpsProxyEnable\u003c/code\u003e function of the \u003ccode\u003e/goform/formWpsProxyEnable\u003c/code\u003e file. By manipulating the \u003ccode\u003esubmit-url\u003c/code\u003e argument, a remote attacker can trigger a buffer overflow, potentially leading to arbitrary code execution. According to the NVD advisory published on May 25, 2026, a public exploit is available, increasing the risk of exploitation. The vendor was notified about this vulnerability, but has not responded. This vulnerability poses a significant threat to devices running the affected firmware version.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies an Edimax EW-7438RPn device running firmware version 1.31.\u003c/li\u003e\n\u003cli\u003eAttacker crafts a malicious HTTP request targeting the \u003ccode\u003e/goform/formWpsProxyEnable\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eThe malicious request includes a \u003ccode\u003esubmit-url\u003c/code\u003e argument with a payload exceeding the buffer size allocated for it within the \u003ccode\u003eformWpsProxyEnable\u003c/code\u003e function.\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eformWpsProxyEnable\u003c/code\u003e function processes the request without proper bounds checking on the \u003ccode\u003esubmit-url\u003c/code\u003e argument.\u003c/li\u003e\n\u003cli\u003eThe oversized \u003ccode\u003esubmit-url\u003c/code\u003e payload overwrites memory on the stack, including the return address.\u003c/li\u003e\n\u003cli\u003eThe function attempts to return, but instead jumps to an address controlled by the attacker, allowing for code execution.\u003c/li\u003e\n\u003cli\u003eThe attacker executes arbitrary commands on the device.\u003c/li\u003e\n\u003cli\u003eThe attacker gains full control of the device, potentially using it for malicious purposes such as botnet participation, data exfiltration, or pivoting to other network resources.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-9462 allows a remote attacker to execute arbitrary code on the affected Edimax EW-7438RPn device. This could lead to complete device compromise, allowing the attacker to modify device settings, intercept network traffic, or use the device as a launchpad for further attacks within the network. Given the availability of a public exploit, the risk of widespread exploitation is elevated.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMonitor web server logs for requests targeting the \u003ccode\u003e/goform/formWpsProxyEnable\u003c/code\u003e endpoint with abnormally long \u003ccode\u003esubmit-url\u003c/code\u003e arguments to detect exploitation attempts using the Sigma rule provided.\u003c/li\u003e\n\u003cli\u003eApply network intrusion detection system (IDS) rules to detect and block malicious HTTP requests targeting the vulnerable endpoint.\u003c/li\u003e\n\u003cli\u003eAlthough no patch is available, consider isolating vulnerable Edimax EW-7438RPn devices from critical network segments to limit the potential impact of a successful exploit.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-26T14:21:47Z","date_published":"2026-05-26T14:21:47Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-9462-edimax-buffer-overflow/","summary":"Edimax EW-7438RPn version 1.31 is vulnerable to a stack-based buffer overflow (CVE-2026-9462) in the `formWpsProxyEnable` function of `/goform/formWpsProxyEnable`, triggered by manipulating the `submit-url` argument, allowing remote attackers to execute arbitrary code; a public exploit is available.","title":"Edimax EW-7438RPn Stack-Based Buffer Overflow Vulnerability (CVE-2026-9462)","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-9462-edimax-buffer-overflow/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-9459"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["EW-7438RPn 1.31"],"_cs_severities":["high"],"_cs_tags":["cve","buffer overflow","edimax"],"_cs_type":"threat","_cs_vendors":["Edimax"],"content_html":"\u003cp\u003eA stack-based buffer overflow vulnerability, identified as CVE-2026-9459, affects the Edimax EW-7438RPn version 1.31. The vulnerability resides within the \u003ccode\u003eformConnectionSetting\u003c/code\u003e function located in the \u003ccode\u003e/goform/formConnectionSetting\u003c/code\u003e file. Successful exploitation allows a remote attacker to potentially execute arbitrary code on the device. The root cause is improper input validation on the \u003ccode\u003emax_Conn\u003c/code\u003e and \u003ccode\u003etimeOut\u003c/code\u003e arguments, leading to a buffer overflow when these arguments are manipulated. Publicly available exploit code exists, increasing the risk of widespread exploitation. The vendor has been unresponsive to disclosure attempts.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a vulnerable Edimax EW-7438RPn 1.31 device exposed to the internet.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting the \u003ccode\u003e/goform/formConnectionSetting\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eWithin the HTTP request, the attacker manipulates the \u003ccode\u003emax_Conn\u003c/code\u003e or \u003ccode\u003etimeOut\u003c/code\u003e arguments with an overly long string.\u003c/li\u003e\n\u003cli\u003eThe vulnerable \u003ccode\u003eformConnectionSetting\u003c/code\u003e function processes the request without proper bounds checking.\u003c/li\u003e\n\u003cli\u003eThe oversized input overflows the stack buffer, overwriting adjacent memory regions.\u003c/li\u003e\n\u003cli\u003eThe attacker carefully crafts the overflow to overwrite the return address with the address of malicious code.\u003c/li\u003e\n\u003cli\u003eThe function returns, diverting execution to the attacker-controlled code.\u003c/li\u003e\n\u003cli\u003eThe attacker achieves arbitrary code execution on the device, potentially gaining full control.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-9459 can lead to complete compromise of the Edimax EW-7438RPn device. This could allow attackers to reconfigure the device, intercept network traffic, or use the device as a foothold for further attacks on the local network. Given the widespread use of such devices, a significant number of home and small business networks could be affected. The lack of vendor response makes patching unlikely, extending the window of vulnerability.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply web application firewall rules to filter requests to \u003ccode\u003e/goform/formConnectionSetting\u003c/code\u003e containing excessively long \u003ccode\u003emax_Conn\u003c/code\u003e or \u003ccode\u003etimeOut\u003c/code\u003e parameters, mitigating exploitation attempts.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs (category \u003ccode\u003ewebserver\u003c/code\u003e) for POST requests to \u003ccode\u003e/goform/formConnectionSetting\u003c/code\u003e with unusually long \u003ccode\u003ecs-uri-query\u003c/code\u003e parameters, corresponding to potential buffer overflow attempts.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect CVE-2026-9459 Exploitation Attempt\u0026rdquo; to detect suspicious requests exploiting this vulnerability.\u003c/li\u003e\n\u003cli\u003eConsider replacing affected Edimax EW-7438RPn devices with patched or more secure alternatives, given the lack of vendor support.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-26T14:12:18Z","date_published":"2026-05-26T14:12:18Z","id":"https://feed.craftedsignal.io/briefs/2026-05-edimax-stack-overflow/","summary":"A stack-based buffer overflow vulnerability (CVE-2026-9459) exists in the formConnectionSetting function of /goform/formConnectionSetting in Edimax EW-7438RPn 1.31, allowing a remote attacker to execute arbitrary code by manipulating the max_Conn/timeOut arguments, with a public exploit available.","title":"Edimax EW-7438RPn Stack-Based Buffer Overflow Vulnerability (CVE-2026-9459)","url":"https://feed.craftedsignal.io/briefs/2026-05-edimax-stack-overflow/"},{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":8.8,"id":"CVE-2026-9426"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["EW-7438RPn 1.31"],"_cs_severities":["critical"],"_cs_tags":["cve","cve-2026-9426","buffer-overflow","rce","edimax"],"_cs_type":"advisory","_cs_vendors":["Edimax"],"content_html":"\u003cp\u003eA stack-based buffer overflow vulnerability, identified as CVE-2026-9426, affects Edimax EW-7438RPn version 1.31. This flaw resides within the \u003ccode\u003eformHwSet\u003c/code\u003e function of the \u003ccode\u003e/goform/formHwSet\u003c/code\u003e file. The vulnerability is triggered through the manipulation of several arguments including Anntena, Mcs, regDomain, nic0Addr, nic1Addr, wlanAddr, wanAddr, wlanSSID, wlanChan, initgain, txcck, txofdm, and submit-url. A remote attacker can exploit this vulnerability to potentially execute arbitrary code on the affected device. Public exploits are available, increasing the risk of exploitation. The vendor was notified but has not responded.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies an Edimax EW-7438RPn device running firmware version 1.31 accessible over the network.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request targeting the \u003ccode\u003e/goform/formHwSet\u003c/code\u003e endpoint.\u003c/li\u003e\n\u003cli\u003eWithin the HTTP request, the attacker includes a long string in one or more of the vulnerable parameters: \u003ccode\u003eAnntena\u003c/code\u003e, \u003ccode\u003eMcs\u003c/code\u003e, \u003ccode\u003eregDomain\u003c/code\u003e, \u003ccode\u003enic0Addr\u003c/code\u003e, \u003ccode\u003enic1Addr\u003c/code\u003e, \u003ccode\u003ewlanAddr\u003c/code\u003e, \u003ccode\u003ewanAddr\u003c/code\u003e, \u003ccode\u003ewlanSSID\u003c/code\u003e, \u003ccode\u003ewlanChan\u003c/code\u003e, \u003ccode\u003einitgain\u003c/code\u003e, \u003ccode\u003etxcck\u003c/code\u003e, \u003ccode\u003etxofdm\u003c/code\u003e, or \u003ccode\u003esubmit-url\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThe device processes the HTTP request, passing the attacker-controlled input to the \u003ccode\u003eformHwSet\u003c/code\u003e function without proper bounds checking.\u003c/li\u003e\n\u003cli\u003eThe oversized input overflows the stack buffer allocated for the affected parameter(s).\u003c/li\u003e\n\u003cli\u003eThe stack overflow overwrites critical data, including the return address, on the stack.\u003c/li\u003e\n\u003cli\u003eThe attacker redirects control to an attacker-controlled address.\u003c/li\u003e\n\u003cli\u003eThe attacker executes arbitrary code on the device, potentially gaining full control.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability allows a remote attacker to execute arbitrary code on the Edimax EW-7438RPn device. This could lead to complete compromise of the device, allowing the attacker to eavesdrop on network traffic, modify device settings, or use the device as a launchpad for further attacks on the internal network. Given the nature of the vulnerability and the lack of vendor response, many devices may be vulnerable.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the Sigma rule \u003ccode\u003eDetect CVE-2026-9426 Exploitation Attempt via Long URI\u003c/code\u003e to detect potential exploitation attempts by identifying abnormally long request parameters (cs-uri-query) targeting the vulnerable endpoint.\u003c/li\u003e\n\u003cli\u003eImplement rate limiting on requests to the \u003ccode\u003e/goform/formHwSet\u003c/code\u003e endpoint to mitigate brute-force exploitation attempts (log source: webserver).\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for POST requests with unusually long parameters related to \u003ccode\u003eAnntena\u003c/code\u003e, \u003ccode\u003eMcs\u003c/code\u003e, \u003ccode\u003eregDomain\u003c/code\u003e, \u003ccode\u003enic0Addr\u003c/code\u003e, \u003ccode\u003enic1Addr\u003c/code\u003e, \u003ccode\u003ewlanAddr\u003c/code\u003e, \u003ccode\u003ewanAddr\u003c/code\u003e, \u003ccode\u003ewlanSSID\u003c/code\u003e, \u003ccode\u003ewlanChan\u003c/code\u003e, \u003ccode\u003einitgain\u003c/code\u003e, \u003ccode\u003etxcck\u003c/code\u003e, \u003ccode\u003etxofdm\u003c/code\u003e, or \u003ccode\u003esubmit-url\u003c/code\u003e in the URI (log source: webserver).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-26T14:07:20Z","date_published":"2026-05-26T14:07:20Z","id":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-9426-edimax-rce/","summary":"A stack-based buffer overflow vulnerability exists in Edimax EW-7438RPn version 1.31 in the formHwSet function of the /goform/formHwSet file, which can be triggered by manipulating the Anntena/Mcs/regDomain/nic0Addr/nic1Addr/wlanAddr/wanAddr/wlanSSID/wlanChan/initgain/txcck/txofdm/submit-url argument, potentially leading to remote code execution.","title":"CVE-2026-9426 - Edimax EW-7438RPn Stack-Based Buffer Overflow","url":"https://feed.craftedsignal.io/briefs/2026-05-cve-2026-9426-edimax-rce/"}],"language":"en","title":"CraftedSignal Threat Feed — Edimax","version":"https://jsonfeed.org/version/1.1"}