Description
Edimax GS-5008PL firmware version 1.00.54 and prior contain an insecure credential storage vulnerability that allows attackers to obtain administrator credentials by accessing configuration backup files. Attackers can download the config.bin file through fupload.cgi to extract plaintext username and password fields for unauthorized administrative access.
Published: 2026-03-17
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized Administrative Access
Action: Patch Immediately
AI Analysis

Impact

The vulnerability is an insecure credential storage flaw that allows an attacker to download the configuration backup file (config.bin) through the fupload.cgi endpoint and then extract the plaintext username and password fields embedded within it. This provides a mechanism for obtaining valid administrative credentials, which can be used to access the device’s web‑based management interface with full privileges. The weakness corresponds to CWE‑312, Plaintext Storage of Sensitive Information.

Affected Systems

Affected vendor: EDIMAX Technology Co., Ltd. Product: Edimax GS‑5008PL. Firmware versions 1.00.54 and earlier are vulnerable; versions newer than 1.00.54 are presumed not to contain the flaw.

Risk and Exploitability

The CVSS base score is 7.1, indicating a high severity level. The EPSS score is reported as less than 1%, suggesting a low likelihood of widespread exploitation at present. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. Based on the description, the attacker obtains the credentials through the device’s web interface by requesting config.bin via the fupload.cgi endpoint. Both CVSS vectors recorded for this CVE rate the attack vector as network (AV:N) and the privileges required as low (PR:L), so the attack is a remote web‑based request. The exploitation path is straightforward: download config.bin, parse the plaintext fields, and use the extracted credentials to gain administrative control.

Generated by OpenCVE AI on March 19, 2026 at 16:17 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the vendor’s website for the latest firmware release; if a version newer than 1.00.54 is available, install it to eliminate the insecure credential storage.
  • If no update is available or deploying the firmware is impractical, restrict or disable access to the fupload.cgi endpoint that allows downloading configuration backups.
  • Limit inbound administrative traffic to the device by configuring firewall rules or placing the switch in a dedicated, internally trusted VLAN.
  • If the device remains exposed and cannot be secured through update or configuration changes, consider replacing it with a product that follows secure credential storage practices.


Advisories

No advisories yet.

History

Thu, 19 Mar 2026 14:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Edimax, Edimax gs-5008pl, Edimax gs-5008pl Firmware |
| CPEs | | cpe:2.3:h:edimax:gs-5008pl:-:*:*:*:*:*:*:*, cpe:2.3:o:edimax:gs-5008pl_firmware:*:*:*:*:*:*:*:* |
| Vendors & Products | | Edimax, Edimax gs-5008pl, Edimax gs-5008pl Firmware |

Wed, 18 Mar 2026 20:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |


Wed, 18 Mar 2026 12:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Edimax Technology, Edimax Technology edimax Gs-5008pl |
| Vendors & Products | | Edimax Technology, Edimax Technology edimax Gs-5008pl |

Tue, 17 Mar 2026 22:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'} |


Tue, 17 Mar 2026 21:45:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | Edimax GS-5008PL firmware version 1.00.54 and prior contain an insecure credential storage vulnerability that allows attackers to obtain administrator credentials by accessing configuration backup files. Attackers can download the config.bin file through fupload.cgi to extract plaintext username and password fields for unauthorized administrative access. |
| Title | | Edimax GS-5008PL <= 1.00.54 Admin Credentials Stored in Cleartext |
| Weaknesses | | CWE-312 |
| References | | |
| Metrics | | cvssV4_0 {'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'} |


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-18T20:09:26.547Z

Reserved: 2026-03-16T18:11:41.758Z

Link: CVE-2026-32842

Vulnrichment

Updated: 2026-03-18T20:09:23.546Z

NVD

Status: Analyzed

Published: 2026-03-17T22:16:15.227

Modified: 2026-03-19T13:54:05.037

Link: CVE-2026-32842

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-24T10:54:35Z
