CVE-2020-37096

5.3 MEDIUM

📋 TL;DR

This CSRF vulnerability in Edimax EW-7438RPn's MAC filtering interface allows attackers to trick authenticated users into adding unauthorized MAC addresses to the device's filtering rules. This affects users who access the web interface of vulnerable Edimax range extenders.

💻 Affected Systems

Products:
  • Edimax EW-7438RPn Mini
Versions: 1.13
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: Requires user to be authenticated to the web interface for successful exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could add malicious MAC addresses to bypass network access controls, potentially allowing unauthorized devices to connect to the network.

🟠 Likely Case

Attackers trick users into adding specific MAC addresses to bypass MAC filtering, enabling unauthorized network access.

🟢 If Mitigated

With proper CSRF protections and network segmentation, impact is limited to potential MAC filtering bypass on isolated devices.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires user interaction (visiting malicious page while authenticated). Proof of concept available on Exploit-DB.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not provided by vendor

Restart Required: No

Instructions:

No official patch available. Check vendor website for firmware updates.

🔧 Temporary Workarounds

Disable MAC Filtering Interface

all

Disable or restrict access to the MAC filtering configuration interface if not needed.

Network Segmentation

all

Isolate the range extender on a separate VLAN to limit potential impact.

🧯 If You Can't Patch

  • Implement network-level MAC filtering on upstream devices
  • Use browser extensions that block CSRF attempts

🔍 How to Verify

Check if Vulnerable:

Check the device firmware version in the web interface. If the version is 1.13, the device is vulnerable.

Check Version:

Log in to the web interface and check the firmware version in system settings.

Verify Fix Applied:

No official fix available to verify.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected MAC address additions in device logs
  • Multiple MAC filtering configuration changes

Network Indicators:

  • Unauthorized devices connecting via MAC addresses not in original whitelist

SIEM Query:

Search for MAC address changes in device configuration logs
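
One way to check for the unexpected MAC additions listed above is to compare the extender's current filter entries with an approved baseline. This is an added example, not code from the advisory or the vendor; it assumes the entries can be copied out of the web interface as text, and the function names and sample addresses are constructed for illustration.

```python
import re

_HEX12 = re.compile(r"^[0-9a-f]{12}$")


def normalize_mac(raw):
    """Return canonical aa:bb:cc:dd:ee:ff, or None if raw is not a MAC."""
    # Accept colon, hyphen, dot and bare-hex notations by stripping separators.
    digits = re.sub(r"[\s:.\-]", "", raw.strip().lower())
    if not _HEX12.match(digits):
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def diff_mac_filter(baseline, current):
    """Compare current filter entries against the approved baseline."""
    approved = {m for m in map(normalize_mac, baseline) if m}
    seen, added, malformed = set(), [], []
    for entry in current:
        mac = normalize_mac(entry)
        if mac is None:
            malformed.append(entry)      # keep the raw text for review
            continue
        if mac not in approved and mac not in seen:
            added.append(mac)            # entry nobody approved
        seen.add(mac)
    removed = sorted(approved - seen)    # approved entries that disappeared
    return {"added": added, "removed": removed, "malformed": malformed}


# Constructed sample data: an approved baseline and a later copy of the list.
BASELINE = ["00:11:22:33:44:55", "66-77-88-99-AA-BB"]
CURRENT = ["001122334455", "6677.8899.aabb", "02:00:5E:10:00:01", "not-a-mac"]

if __name__ == "__main__":
    report = diff_mac_filter(BASELINE, CURRENT)
    for kind in ("added", "removed", "malformed"):
        for value in report[kind]:
            print(f"{kind.upper():10} {value}")
```

Any entry reported as added that does not match a recorded change is worth investigating as a possible forged request.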
