← Volver a CVEs
CVE-2020-37097
HIGH7.5
Descripcion
Edimax EW-7438RPn 1.13 contains an information disclosure vulnerability that exposes WiFi network configuration details through the wlencrypt_wiz.asp file. Attackers can access the script to retrieve sensitive information including WiFi network name and plaintext password stored in device configuration variables.
Detalles CVE
Puntuacion CVSS v3.17.5
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado2/3/2026
Ultima modificacion2/20/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
edimax:ew-7438rpn_miniedimax:ew-7438rpn_mini_firmware
Debilidades (CWE)
CWE-522
Referencias
https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wi-fi_range_extenders_n300/ew-7438rpn_mini/(disclosure@vulncheck.com)
https://www.exploit-db.com/exploits/48365(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/edimax-ew-rpn-information-disclosure-wifi-password(disclosure@vulncheck.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.