CVE-2020-37097 HIGH

CVE-2020-37097: Edimax EW-7438RPn 1.13 - Information Disclosure (WiFi Password)

Vendor Edimax Technology Co., Ltd.
Product EW-7438RPn Mini
Weakness CWE-522 · Insufficiently protected credentials
Published February 3, 2026
Last update March 5, 2026

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Edimax EW-7438RPn 1.13 contains an information disclosure vulnerability that exposes WiFi network configuration details through the wlencrypt_wiz.asp file. Attackers can access the script to retrieve sensitive information including WiFi network name and plaintext password stored in device configuration variables.

Key dates

02Disclosure timeline

February 3, 2026 CVE published
March 5, 2026 Record updated