CVE-2026-13583
Edimax EW-7478APC POST Request formUSBFolder buffer overflow
CVSS Score
8.8
EPSS Score
0.0%
EPSS Percentile
0th
A vulnerability has been found in Edimax EW-7478APC 1.04. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. Such manipulation of the argument ShareName/SelectName leads to buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
| CWE | CWE-120 CWE-119 |
| Vendor | edimax |
| Product | ew-7478apc |
| Published | Jun 29, 2026 |
Stay Ahead of the Next One
Get instant alerts for edimax ew-7478apc
Be the first to know when new high vulnerabilities affecting edimax ew-7478apc are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Edimax / EW-7478APC
1.04
References
vuldb.com: https://vuldb.com/vuln/374589 vuldb.com: https://vuldb.com/vuln/374589/cti vuldb.com: https://vuldb.com/cve/CVE-2026-13583 vuldb.com: https://vuldb.com/submit/844118 lavender-bicycle-a5a.notion.site: https://lavender-bicycle-a5a.notion.site/EDIMAX-EW-7478APC-formUSBFolder-34b53a41781f80d5b1f8ebce442de53f
Credits
๐ wxhwxhwxh_mie (VulDB User) VulDB CNA Team