CVE-2026-13582
Edimax EW-7478APC POST Request formUSBAccount buffer overflow
CVSS Score
8.8
EPSS Score
0.0%
EPSS Percentile
0th
A flaw has been found in Edimax EW-7478APC 1.04. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. This manipulation of the argument UserName/Password causes buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
| CWE | CWE-120 CWE-119 |
| Vendor | edimax |
| Product | ew-7478apc |
| Published | Jun 29, 2026 |
| Last Updated | Jun 29, 2026 |
Stay Ahead of the Next One
Get instant alerts for edimax ew-7478apc
Be the first to know when new high vulnerabilities affecting edimax ew-7478apc are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Edimax / EW-7478APC
1.04
References
vuldb.com: https://vuldb.com/vuln/374588 vuldb.com: https://vuldb.com/vuln/374588/cti vuldb.com: https://vuldb.com/cve/CVE-2026-13582 vuldb.com: https://vuldb.com/submit/844117 lavender-bicycle-a5a.notion.site: https://lavender-bicycle-a5a.notion.site/EDIMAX-EW-7478APC-formUSBAccount-34b53a41781f8077ad48e4c3af9be499
Credits
๐ wxhwxhwxh_mie (VulDB User) VulDB CNA Team