CVE-2025-34029
Published: 20 June 2025
Summary
CVE-2025-34029 is a critical-severity OS command injection (CWE-78) vulnerability in Edimax EW-7438RPn Mini firmware. Its CVSS base score is 9.4 (Critical).
Operationally, it ranks in the top 9.7% of CVEs by EPSS exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
An OS command injection vulnerability exists in Edimax EW-7438RPn Mini firmware version 1.13 and prior. The flaw is in the syscmd.asp form handler behind the /goform/formSysCmd endpoint: the sysCmd parameter is passed to the underlying system shell without sanitization, and the web server runs as root, so whatever the parameter contains executes with root privileges. The issue is tracked as CWE-78 and carries a CVSS 4.0 score of 9.4.
A remote attacker who can authenticate to the management web interface can submit arbitrary shell commands through the sysCmd parameter and obtain full command execution on the device. Because the handler runs as root, a single request yields complete control of the range extender: arbitrary system modification, access to stored data and credentials, and a foothold for lateral movement on the network the extender bridges. The authentication requirement is the only gate, so default or reused administrator credentials, or a management interface reachable from an untrusted network, make the flaw practically exploitable. The Shadowserver Foundation recorded real-world exploitation attempts on 2024-09-14 UTC, nine months before the CVE's 20 June 2025 publication date.
The provided references (a VulnCheck advisory, an Exploit-DB entry, a Broadcom attack signature, and the vendor product page) contain no explicit statement on a patch or mitigation steps, so a fixed firmware version cannot be named from them. The associated EPSS score has stayed flat at 0.0535, with no material increase observed after disclosure.
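The pattern described above, as an added example that is not Edimax's firmware code: a handler that splices the sysCmd parameter into a string for system() beside a hardened replacement that never invokes a shell. The names sysCmd and formSysCmd come from the advisory; the handler bodies, the allow-list of diagnostic tools, their paths and the host validator are assumptions made for illustration.

```c
/* Added example (not the vendor's code). Illustrates the CWE-78 pattern the
 * advisory describes and one way to remove it. Tool paths and options are
 * assumptions for a typical embedded Linux userland. */
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* --- Vulnerable shape (CWE-78) -----------------------------------------
 * Builds the command line exactly as a careless handler would: the request
 * parameter is spliced unchanged into a string that system() hands to
 * /bin/sh. Separated from execution so the result can be inspected. */
size_t build_vulnerable_cmd(const char *sysCmd, char *out, size_t outsz) {
    return (size_t)snprintf(out, outsz, "%s > /tmp/syscmd.log 2>&1", sysCmd);
}

/* The handler in outline: sysCmd -> system(), as whatever user the web
 * server runs as (root on this class of device). Shown for comparison only:
 * "ls; cat /etc/passwd" runs both commands. Never call with untrusted input. */
int formSysCmd_vulnerable(const char *sysCmd) {
    char cmd[512];
    build_vulnerable_cmd(sysCmd, cmd, sizeof cmd);
    return system(cmd);
}

/* --- Hardened shape ------------------------------------------------------
 * 1. The client may only pick a tool from a fixed allow-list (assumed set).
 * 2. The single argument must look like a hostname or IPv4 literal; shell
 *    metacharacters and a leading '-' (option injection) are rejected.
 * 3. Execution uses fork()+execv() with an argv array, so no shell ever
 *    parses the argument. */
static const struct {
    const char *name, *path, *opt, *optval;
} kTools[] = {
    { "ping",       "/bin/ping",          "-c", "3"  },
    { "traceroute", "/usr/bin/traceroute", "-m", "16" },
};

static int is_safe_host(const char *s) {
    size_t n = strlen(s);
    if (n == 0 || n > 253 || s[0] == '-') return 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)s[i];
        if (!isalnum(c) && c != '.' && c != '-') return 0;
    }
    return 1;
}

/* Returns the index into kTools on success, -1 if the request is rejected. */
int validate_diag_request(const char *tool, const char *host) {
    if (!tool || !host || !is_safe_host(host)) return -1;
    for (size_t i = 0; i < sizeof kTools / sizeof kTools[0]; i++)
        if (strcmp(tool, kTools[i].name) == 0) return (int)i;
    return -1;
}

/* Hardened replacement for the handler: validate, then exec without a shell.
 * Returns the child's exit status, or -1 if the request was rejected. */
int formSysCmd_hardened(const char *tool, const char *host) {
    int idx = validate_diag_request(tool, host);
    if (idx < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char *argv[] = { (char *)kTools[idx].name, (char *)kTools[idx].opt,
                         (char *)kTools[idx].optval, (char *)host, NULL };
        execv(kTools[idx].path, argv);
        _exit(127);                 /* exec failed: tool not present */
    }
    int status = 0;
    waitpid(pid, &status, 0);
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void) {
    char cmd[512];
    const char *injected = "ls; cat /etc/passwd";
    build_vulnerable_cmd(injected, cmd, sizeof cmd);
    printf("vulnerable handler would run: %s\n", cmd);
    printf("hardened validate(ping, 192.168.2.1) = %d\n",
           validate_diag_request("ping", "192.168.2.1"));
    printf("hardened validate(ping, \"%s\") = %d\n", injected,
           validate_diag_request("ping", injected));
    return 0;
}
```

The point of the hardened version is not the character filter alone: even a perfect filter leaves the program one missed metacharacter away from root, whereas passing argv to execv() means the argument can never reach a shell at all. The filter remains necessary to block option injection (a host of "-f" would otherwise become a ping flag) and to keep the argument within what the tool expects.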
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-18775
Vulnerability details
An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13 and prior via the syscmd.asp form handler. The /goform/formSysCmd endpoint exposes a system command interface through the sysCmd parameter. A remote authenticated attacker can submit arbitrary shell commands directly, resulting in command execution as the root user. Exploitation evidence was observed by the Shadowserver Foundation on 2024-09-14 UTC.
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
- Edimax EW-7438RPn Mini, firmware version 1.13 and prior. The references name no fixed version; treat every unit running 1.13 or earlier as affected, and confirm with the vendor product page before assuming a later build resolves it.
Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the controls below are derived from the weakness type cited in the NVD entry (CWE-78) and from the advisory text, not from a vendor statement.
- The references contain no patch or mitigation statement, so treat the device as unpatched until the vendor product page says otherwise.
- Exploitation requires authenticating to the management web interface. Keep that interface off the WAN and off untrusted network segments, replace the default administrator password, and do not reuse it elsewhere.
- Monitor for POST requests to /goform/formSysCmd. The referenced Broadcom attack signature covers this; any request whose sysCmd value carries shell metacharacters (for example ;, |, `, or $( )) is an exploitation attempt, and the Shadowserver data shows such attempts have been in the wild since September 2024.
- Where the device cannot be fixed, isolate it on its own segment or retire it; a compromised range extender gives the attacker a root shell on a host that bridges the local network.