CVE-2026-13560 | Edimax EW-7478APC 1.04 POST Request /goform/formAccept submit-url os command injection

SecurityVulns

A vulnerability marked as critical has been reported in Edimax EW-7478APC 1.04. The affected element is the function formAccept of the file /goform/formAccept of the component POST Request Handler. The manipulation of the argument submit-url leads to os command injection.

This vulnerability is uniquely identified as CVE-2026-13560. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More