A vulnerability marked as critical has been reported in Edimax EW-7478APC 1.04 . The affected element is the function formAccept of the file /goform/formAccept of the component POST Request Handler . The manipulation of the argument submit-url leads to os command injection. This vulnerability is uniquely identified as CVE-2026-13560 . The attack is possible to be carried out remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any