CVE-2026-13561

Publié : 29 juin 2026

Modifié : 29 juin 2026

Score CVSS

6.3

MEDIUM

Description détaillée

A vulnerability was detected in Edimax EW-7478APC 1.04. The impacted element is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. The manipulation of the argument rootAPmac results in os command injection. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vecteur d'attaque (CVSS)

Vecteur brut :CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Références et Patchs

https://lavender-bicycle-a5a.notion.site/EDIMAX-EW-7478APC-formiNICbasic-34b53a41781f8052bc69c85481124dff https://vuldb.com/cve/CVE-2026-13561 https://vuldb.com/submit/844111 https://vuldb.com/vuln/374569 https://vuldb.com/vuln/374569/cti

Dernières Vulnérabilités

CVE-2026-57525

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

VOIR DÉTAILS

CVE-2026-57523

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

VOIR DÉTAILS

CVE-2026-57341

Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 versions.

VOIR DÉTAILS