Sign-up

ID

VAR-202602-0150


CVE

CVE-2020-37096


DESCRIPTION

Edimax EW-7438RPn 1.13 contains a cross-site request forgery vulnerability in the MAC filtering configuration interface. Attackers can craft malicious web pages to trick users into adding unauthorized MAC addresses to the device's filtering rules without their consent.

Trust: 1.0

sources: NVD: CVE-2020-37096

AFFECTED PRODUCTS

vendor:edimaxmodel:ew-7438rpn miniscope:eqversion:1.13

Trust: 1.0

sources: NVD: CVE-2020-37096

CVSS

SEVERITY

CVSSV2

CVSSV3

disclosure@vulncheck.com: CVE-2020-37096
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2020-37096
value: MEDIUM

Trust: 1.0

disclosure@vulncheck.com: CVE-2020-37096
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 1.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2020-37096
baseSeverity: MEDIUM
baseScore: 4.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 1.4
version: 3.1

Trust: 1.0

sources: NVD: CVE-2020-37096 // NVD: CVE-2020-37096

PROBLEMTYPE DATA

problemtype:CWE-352

Trust: 1.0

sources: NVD: CVE-2020-37096

EXTERNAL IDS

db:EXPLOIT-DBid:48366

Trust: 1.0

db:NVDid:CVE-2020-37096

Trust: 1.0

sources: NVD: CVE-2020-37096

REFERENCES

url:https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wi-fi_range_extenders_n300/ew-7438rpn_mini/

Trust: 1.0

url:https://www.exploit-db.com/exploits/48366

Trust: 1.0

url:https://www.vulncheck.com/advisories/edimax-ew-rpn-cross-site-request-forgery-mac-filtering

Trust: 1.0

sources: NVD: CVE-2020-37096

SOURCES

db:NVDid:CVE-2020-37096

LAST UPDATE DATE

2026-02-20T23:48:02.718000+00:00


SOURCES UPDATE DATE

db:NVDid:CVE-2020-37096date:2026-02-20T15:37:23.570

SOURCES RELEASE DATE

db:NVDid:CVE-2020-37096date:2026-02-03T22:16:25.847