CVE-2026-32841

Q: What is the CVSS score of CVE-2026-32841?

CVE-2026-32841 has a CVSS 4.0 base score of 9.2 (Critical). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.1%.

EUVD-2026-12653 CRITICAL

Excessive Reliance on Global Variables (CWE-1108)

2026-03-17 VulnCheck

Authentication Bypass

9.2

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Re-analysis Queued

May 26, 2026 - 14:22 vuln.today

cvss_changed

Severity Changed

May 26, 2026 - 14:22 NVD

HIGH CRITICAL

CVSS changed

May 26, 2026 - 14:22 NVD

8.1 (HIGH) 9.2 (CRITICAL)

EUVD ID Assigned

Mar 17, 2026 - 22:00 euvd

EUVD-2026-12653

Analysis Generated

Mar 17, 2026 - 22:00 vuln.today

CVE Published

Mar 17, 2026 - 21:41 nvd

HIGH 8.1

DescriptionNVD

Edimax GS-5008PL firmware version 1.00.54 and prior contain an authentication bypass vulnerability that allows unauthenticated attackers to access the management interface. Attackers can exploit the global authentication flag mechanism to gain administrative access without credentials after any user authenticates, enabling unauthorized password changes, firmware uploads, and configuration modifications.

AnalysisAI

Edimax GS-5008PL switches running firmware 1.00.54 and earlier contain an authentication bypass in the management interface that allows unauthenticated remote attackers to gain administrative access by exploiting a flawed global authentication flag mechanism. Once bypassed, attackers can modify administrator credentials, upload malicious firmware, and alter device configurations without any authentication required. …

RemediationAI

Within 24 hours: Identify all affected GS-5008PL switches in production and document their network locations and current firmware versions. Within 7 days: Implement network segmentation to restrict management interface access to administrative VLANs only, disable remote management if not required, and enforce strong monitoring of management port activity (ports 80/443/22). …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-32841 vulnerability details – vuln.today

Back

CVE-2026-32841

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

CVE-2026-32841

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code