Edimax Technology Ew-7438Rpn Mini vulnerabilities
2 known vulnerabilities affecting edimax_technology/ew-7438rpn_mini.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2020-37125P1CRITICALCVSS 9.8v1.272026-02-05
CVE-2020-37125 [CRITICAL] CWE-78 CVE-2020-37125: Edimax EW-7438RPn-v3 Mini 1.27 contains a remote code execution vulnerability that allows unauthenti
Edimax EW-7438RPn-v3 Mini 1.27 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands through the /goform/mp endpoint. Attackers can exploit the vulnerability by sending crafted POST requests with command injection payloads to download and execute malicious scripts on the device.
nvd
CVE-2020-37149P3HIGHCVSS 8.8v1.23v1.272026-02-05
CVE-2020-37149 [HIGH] CWE-352 CVE-2020-37149: Edimax EW-7438RPn-v3 Mini 1.27 is vulnerable to cross-site request forgery (CSRF) that can lead to c
Edimax EW-7438RPn-v3 Mini 1.27 is vulnerable to cross-site request forgery (CSRF) that can lead to command execution. An attacker can trick an authenticated user into submitting a crafted form to the /goform/mp endpoint, resulting in arbitrary command execution on the device with the user's privileges.
nvd