CVE-2026-9343: OS Command Injection in Edimax EW-7438RPn
CVE-2026-9343 is an OS command injection vulnerability in the Edimax EW-7438RPn router firmware up to version 1. 31. The issue exists in the formWpsStart function of the /goform/formWpsStart component, where manipulation of the pinCode argument allows injection of OS commands. This vulnerability can be exploited remotely without user interaction and requires low privileges. Although a public exploit is available, the vendor has not responded or provided a fix. The vulnerability has a CVSS 4. 0 base score of 5. 3, indicating medium severity.
AI Analysis
Technical Summary
The Edimax EW-7438RPn router firmware versions up to 1.31 contain an OS command injection vulnerability in the formWpsStart function of the /goform/formWpsStart web component. By manipulating the pinCode parameter, an attacker can inject arbitrary OS commands remotely. The vulnerability requires low privileges and no user interaction, with limited scope and impact. The vendor was notified but has not issued any patch or remediation guidance. Public exploit code is available, increasing the risk of exploitation.
Potential Impact
Successful exploitation allows an attacker to execute arbitrary OS commands on the affected device remotely, potentially leading to unauthorized control or disruption of the router. The vulnerability requires low privileges and no user interaction, increasing its risk. However, the impact is limited by the vulnerability's scope and vector. No known exploits in the wild have been reported yet.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since the vendor has not responded or released a fix, users should consider disabling WPS functionality if possible or isolating the device from untrusted networks to reduce exposure. Monitor official Edimax channels for any future updates or patches addressing this issue.
CVE-2026-9343: OS Command Injection in Edimax EW-7438RPn
Description
CVE-2026-9343 is an OS command injection vulnerability in the Edimax EW-7438RPn router firmware up to version 1. 31. The issue exists in the formWpsStart function of the /goform/formWpsStart component, where manipulation of the pinCode argument allows injection of OS commands. This vulnerability can be exploited remotely without user interaction and requires low privileges. Although a public exploit is available, the vendor has not responded or provided a fix. The vulnerability has a CVSS 4. 0 base score of 5. 3, indicating medium severity.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Edimax EW-7438RPn router firmware versions up to 1.31 contain an OS command injection vulnerability in the formWpsStart function of the /goform/formWpsStart web component. By manipulating the pinCode parameter, an attacker can inject arbitrary OS commands remotely. The vulnerability requires low privileges and no user interaction, with limited scope and impact. The vendor was notified but has not issued any patch or remediation guidance. Public exploit code is available, increasing the risk of exploitation.
Potential Impact
Successful exploitation allows an attacker to execute arbitrary OS commands on the affected device remotely, potentially leading to unauthorized control or disruption of the router. The vulnerability requires low privileges and no user interaction, increasing its risk. However, the impact is limited by the vulnerability's scope and vector. No known exploits in the wild have been reported yet.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since the vendor has not responded or released a fix, users should consider disabling WPS functionality if possible or isolating the device from untrusted networks to reduce exposure. Monitor official Edimax channels for any future updates or patches addressing this issue.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-05-23T08:32:18.217Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a12355609f6977edb747791
Added to database: 5/23/2026, 11:16:38 PM
Last enriched: 5/23/2026, 11:31:32 PM
Last updated: 5/24/2026, 12:58:02 AM
Views: 9
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.