CVE-2026-36734

HighRCE

Published: 11 May 2026

Published

11 May 2026

Modified

12 May 2026

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0017 38.2th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-36734 is a high-severity Command Injection (CWE-77) vulnerability in Edimax (inferred from references). Its CVSS base score is 8.8 (High).

Operationally, ranked at the 38.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

NVD Description

EDIMAX BR-6428nS V3 1.15 is vulnerable to Command Injection. An authenticated attacker with access to the network can submit crafted input to the WLAN configuration functionality. Due to insufficient input validation, the attacker is able to execute arbitrary system commands…

on the device.

Deeper analysisAI

Automated synthesis unavailable for this CVE.

Details

CWE(s): CWE-77

Affected Products

Edimax

—

inferred from references and description; NVD did not file a CPE for this CVE

References

http://edimax.com
cve@mitre.org
https://github.com/theShinigami/CVE-Disclosures/tree/main/CVE-2026-36734
cve@mitre.org