{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-34024","assignerOrgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","state":"PUBLISHED","assignerShortName":"VulnCheck","dateReserved":"2025-04-15T19:15:22.545Z","datePublished":"2025-06-20T18:38:02.885Z","dateUpdated":"2026-05-14T02:07:22.672Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","modules":["Web Management Interface (mp.asp command handler)"],"product":"Edimax EW-7438RPn Mini","vendor":"Edimax","versions":[{"lessThanOrEqual":"1.13","status":"affected","version":"0","versionType":"custom"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:h:edimax:ew-7438rpn_mini_v2:*:*:*:*:*:*:*:*","versionEndIncluding":"1.13","versionStartIncluding":"0","vulnerable":true}],"negate":false,"operator":"OR"}],"operator":"OR"}],"credits":[{"lang":"en","type":"finder","value":"Besim Altinok"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"An OS command injection vulnerability exists in the Edimax EW-7438RPn firmware version 1.13 and prior via the mp.asp form handler. The /goform/mp endpoint improperly handles user-supplied input to the command parameter. An authenticated attacker can inject shell commands using shell metacharacters to achieve arbitrary command execution as the root user. Exploitation evidence was observed by the Shadowserver Foundation on 2024-09-14 UTC."}],"value":"An OS command injection vulnerability exists in the Edimax EW-7438RPn firmware version 1.13 and prior via the mp.asp form handler. The /goform/mp endpoint improperly handles user-supplied input to the command parameter. An authenticated attacker can inject shell commands using shell metacharacters to achieve arbitrary command execution as the root user. Exploitation evidence was observed by the Shadowserver Foundation on 2024-09-14 UTC."}],"exploits":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Known exploited vulnerability"}],"value":"Known exploited vulnerability"}],"impacts":[{"capecId":"CAPEC-88","descriptions":[{"lang":"en","value":"CAPEC-88 OS Command Injection"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":9.4,"baseSeverity":"CRITICAL","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"83251b91-4cc7-4094-a5c7-464a1b83ea10","shortName":"VulnCheck","dateUpdated":"2026-05-14T02:07:22.672Z"},"references":[{"tags":["product"],"url":"https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wi-fi_range_extenders_n300/ew-7438rpn_mini/"},{"tags":["third-party-advisory","exploit"],"url":"https://www.exploit-db.com/exploits/48377"},{"tags":["third-party-advisory"],"url":"https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=32163"},{"tags":["third-party-advisory"],"url":"https://vulncheck.com/advisories/edimax-ew-7438rpn-command-injections"}],"source":{"discovery":"UNKNOWN"},"tags":["x_known-exploited-vulnerability"],"title":"Edimax EW-7438RPn Mini OS Command Injection via mp.asp","x_generator":{"engine":"vulncheck"},"datePublic":"2020-04-24T00:00:00.000Z"},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-06-23T20:39:27.231637Z","id":"CVE-2025-34024","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-23T20:40:00.795Z"}}]}}