CVE-2020-37150 – This vulnerability allows unauthenticated attac... (How to Fix)

Q: What is the severity of CVE-2020-37150?

CVE-2020-37150 has a CVSS score of 7.5 (HIGH). This vulnerability allows unauthenticated attackers to access the /wizard_reboot.asp page on Edimax EW-7438RPn-v3 Mini range extenders, which discloses the Wi-Fi SSID and security key. Attackers can retrieve wireless passwords via simple GET requests without any authentication. This affects users of Edimax EW-7438RPn-v3 Mini range extenders running firmware version 1.27.

📋 TL;DR

This vulnerability allows unauthenticated attackers to access the /wizard_reboot.asp page on Edimax EW-7438RPn-v3 Mini range extenders, which discloses the Wi-Fi SSID and security key. Attackers can retrieve wireless passwords via simple GET requests without any authentication. This affects users of Edimax EW-7438RPn-v3 Mini range extenders running firmware version 1.27.

💻 Affected Systems

Products:

Edimax EW-7438RPn-v3 Mini

Versions: 1.27

Operating Systems: Embedded firmware

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerable in default configuration when device is in unsetup mode. Requires physical access or wireless proximity to exploit.

📦 What is this software?

Ew 7438rpn Mini Firmware by Edimax

View all CVEs affecting Ew 7438rpn Mini Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain unauthorized access to the wireless network, potentially compromising all connected devices, intercepting network traffic, and launching further attacks against internal systems.

🟠

Likely Case

Local attackers within wireless range obtain the Wi-Fi password and join the network without authorization, potentially accessing shared resources and monitoring network traffic.

🟢

If Mitigated

With proper network segmentation and monitoring, impact is limited to the wireless network perimeter with no access to critical internal systems.

🌐 Internet-Facing: LOW

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: CONFIRMED

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Simple HTTP GET request to /wizard_reboot.asp endpoint. Exploit code is publicly available on Exploit-DB.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wi-fi_range_extenders_n300/ew-7438rpn_mini/

Restart Required: No

Instructions:

1. Check Edimax website for firmware updates. 2. Download latest firmware. 3. Access device web interface. 4. Navigate to firmware update section. 5. Upload and apply new firmware.

🔧 Temporary Workarounds

Disable Unsetup Mode

all

Complete device setup wizard to exit unsetup mode where vulnerability exists

Network Isolation

all

Place affected range extender on isolated network segment with strict firewall rules

🧯 If You Can't Patch

Physically secure device to prevent unauthorized physical/wireless access
Replace with different vendor/model that receives security updates

🔍 How to Verify

Check if Vulnerable:

Send HTTP GET request to http://[device-ip]/wizard_reboot.asp and check if Wi-Fi credentials are returned in response

Check Version:

Check web interface status page or use nmap -sV -p80 [device-ip] to identify firmware version

Verify Fix Applied:

Attempt same GET request after remediation - should return error or no sensitive data

📡 Detection & Monitoring

Log Indicators:

HTTP GET requests to /wizard_reboot.asp from unauthorized IPs
Multiple failed authentication attempts followed by successful access to wizard pages

Network Indicators:

Unusual HTTP traffic to device management interface from unexpected sources
ARP spoofing or unusual MAC addresses on wireless network

SIEM Query:

source_ip=* AND url_path="/wizard_reboot.asp" AND http_method="GET" AND NOT user_agent="*Edimax*"

📊 Metadata

CVE ID: CVE-2020-37150

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-201

Published: February 5, 2026

Last Updated: February 18, 2026

🔗 References

https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/global/wi-fi_range_extenders_n300/ew-7438rpn_mini/ Product
https://www.exploit-db.com/exploits/48318 Exploit,Third Party Advisory,VDB Entry
https://www.vulncheck.com/advisories/edimax-technology-ew-rpn-mini-unauthorized-access-wi-fi-password-disclosure Broken Link

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-37150, you might also want to check these: