Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
3DescriptionCVE.org
Edimax GS-5008PL firmware version 1.00.54 and prior contain an insecure credential storage vulnerability that allows attackers to obtain administrator credentials by accessing configuration backup files. Attackers can download the config.bin file through fupload.cgi to extract plaintext username and password fields for unauthorized administrative access.
AnalysisAI
CVE-2026-32842 is a security vulnerability (CVSS 6.5) that allows attackers. Remediation should follow standard vulnerability management procedures.
Technical ContextAI
CWE-312 (Cleartext Storage).
RemediationAI
Monitor vendor channels for patch availability.
More in Edimax Gs 5008pl
View allEdimax GS-5008PL switches running firmware 1.00.54 and earlier contain an authentication bypass in the management interf
A remote code execution vulnerability (CVSS 7.5). High severity vulnerability requiring prompt remediation.
Stored cross-site scripting in Edimax GS-5008PL firmware version 1.00.54 and earlier allows authenticated attackers to i
Cross-site request forgery in Edimax GS-5008PL firmware version 1.00.54 and earlier allows unauthenticated remote attack
Same weakness CWE-312 – Cleartext Storage of Sensitive Information
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-12655