EUVD-2026-12653CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Description
Edimax GS-5008PL firmware version 1.00.54 and prior contain an authentication bypass vulnerability that allows unauthenticated attackers to access the management interface. Attackers can exploit the global authentication flag mechanism to gain administrative access without credentials after any user authenticates, enabling unauthorized password changes, firmware uploads, and configuration modifications.
Analysis
Edimax GS-5008PL switches running firmware 1.00.54 and earlier contain an authentication bypass in the management interface that allows unauthenticated remote attackers to gain administrative access by exploiting a flawed global authentication flag mechanism. Once bypassed, attackers can modify administrator credentials, upload malicious firmware, and alter device configurations without any authentication required. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all affected GS-5008PL switches in production and document their network locations and current firmware versions. Within 7 days: Implement network segmentation to restrict management interface access to administrative VLANs only, disable remote management if not required, and enforce strong monitoring of management port activity (ports 80/443/22). …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today