CVE-2026-32841— Edimax GS-5008PL <= 1.00.54 Global Authentication State Across All Clients
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-32841
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Edimax GS-5008PL <= 1.00.54 Global Authentication State Across All Clients
Source: NVD (National Vulnerability Database)
Vulnerability Description
Edimax GS-5008PL firmware version 1.00.54 and prior contain an authentication bypass vulnerability that allows unauthenticated attackers to access the management interface. Attackers can exploit the global authentication flag mechanism to gain administrative access without credentials after any user authenticates, enabling unauthorized password changes, firmware uploads, and configuration modifications.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1108
Source: NVD (National Vulnerability Database)
Vulnerability Title
Edimax GS-5008PL 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Edimax GS-5008PL是中国台湾讯舟(Edimax)公司的一款千兆以太网交换机。 Edimax GS-5008PL 1.00.54及之前版本存在安全漏洞,该漏洞源于身份验证绕过,可能导致未经身份验证的攻击者访问管理界面,进行未经授权的密码更改、固件上传和配置修改。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| EDIMAX Technology Co., Ltd. | Edimax GS-5008PL | 0 ~ 1.0.54 | - |
II. Public POCs for CVE-2026-32841
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-32841
请登录查看更多情报信息。
Same Patch Batch · EDIMAX Technology Co., Ltd. · 2026-03-17 · 5 CVEs total
| CVE-2026-32838 | 7.5 HIGH | Edimax GS-5008PL <= 1.00.54 Transmits Credentials Over Cleartext HTTP |
| CVE-2026-32842 | 6.5 MEDIUM | Edimax GS-5008PL <= 1.00.54 Admin Credentials Stored in Cleartext |
| CVE-2026-32840 | 5.4 MEDIUM | Edimax GS-5008PL <= 1.00.54 Stored XSS via Device Name |
| CVE-2026-32839 | 4.3 MEDIUM | Edimax GS-5008PL <= 1.00.54 CSRF via Management CGI Endpoints |
IV. Related Vulnerabilities
Same product: Edimax GS-5008PL
Same vendor: EDIMAX Technology Co., Ltd.
- CVE-2026-32838
Edimax GS-5008PL <= 1.00.54 Transmits Credentials Over Clear - CVE-2026-32839
Edimax GS-5008PL <= 1.00.54 CSRF via Management CGI Endpoint - CVE-2026-32840
Edimax GS-5008PL <= 1.00.54 Stored XSS via Device Name - CVE-2026-32842
Edimax GS-5008PL <= 1.00.54 Admin Credentials Stored in Clea - CVE-2020-37097
Edimax EW-7438RPn 1.13 - Information Disclosure (WiFi Passwo
V. Comments for CVE-2026-32841
No comments yet