CVE-2020-37097

High CVSS: 8.7

Edimax EW-7438RPn 1.13 contains an information disclosure vulnerability that exposes WiFi network configuration details through the wlencrypt_wiz.asp file. Attackers can access the script to retrieve sensitive information including WiFi network name and plaintext password stored in device configuration variables.

Vendor

Edimax

Product

Ew-7438rpn Mini Firmware

CWE

CWE-522

Yayın Tarihi

2026-02-03 22:16:26

Güncelleme

2026-02-20 15:45:39

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-522 Ew-7438rpn Mini Firmware HIGH Edimax 2026

Referanslar

https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wi-fi_range_extenders_n300/ew-7438rpn_mini/ https://www.exploit-db.com/exploits/48365 https://www.vulncheck.com/advisories/edimax-ew-rpn-information-disclosure-wifi-password

Benzer Kayıtlar

Critical

CVE-2026-32841

Edimax GS-5008PL firmware version 1.00.54 and prior contain an authentication bypass vulnerability that allows unauthent…

High

CVE-2026-32842

Edimax GS-5008PL firmware version 1.00.54 and prior contain an insecure credential storage vulnerability that allows att…

High

CVE-2026-32838

Edimax GS-5008PL firmware version 1.00.54 and prior use cleartext HTTP for the web management interface without implemen…

Medium

CVE-2026-32839

Edimax GS-5008PL firmware version 1.00.54 and prior contain a cross-site request forgery vulnerability that allows remot…

Medium

CVE-2026-32840

Edimax GS-5008PL firmware version 1.00.54 and prior contain a stored cross-site scripting vulnerability in the system_na…

Medium

CVE-2026-1972

A vulnerability was found in Edimax BR-6208AC 2_1.02. The affected element is the function auth_check_userpass2. Perform…