A vulnerability, which was classified as critical , was found in Edimax EW-7478APC 1.04 . This vulnerability affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler . The manipulation of the argument rootAPmac results in os command injection. This vulnerability is identified as CVE-2026-13581 . The attack can be executed remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any