CVE-2026-13562
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk36th percentile - higher than 36% of all known CVEs
Summary
A buffer overflow vulnerability was found in Edimax EW-7478APC version 1.04 in the formiNICSiteSurvey function of the /goform/formiNICSiteSurvey file. Manipulation of the selSSID argument allows remote attack. The exploit has been published and may be used.
Risk Assessment
An attacker can remotely take control of the device, leading to network integrity compromise and potential access to sensitive data.
Recommendation
Immediately disconnect or isolate the device from the network and contact the vendor for a security update.
Original NVD description (English source)
A flaw has been found in Edimax EW-7478APC 1.04. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

