Edimax GS-5008PL Cross-Site Request Forgery Vulnerability

Vulnerability

A cross-site request forgery (CSRF) vulnerability has been identified in the Edimax GS-5008PL switch, affecting firmware versions through 1.00.54. This vulnerability allows remote attackers to perform unauthorized administrative actions by tricking logged-in administrators into visiting malicious pages. The absence of anti-CSRF tokens and proper request validation can be exploited to change passwords, upload firmware, reboot the device, perform factory resets, or alter network configurations.

Impact

Exploitation of this vulnerability could lead to unauthorized administrative actions on the affected device, allowing for significant changes to the device's configuration and management.

Added: Mar 17, 2026, 10:25 PM

Updated: Mar 17, 2026, 10:25 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.2

remediation

0.0

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.2

remediation

0.0

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Edimax GS-5008PL Cross-Site Request Forgery Vulnerability

Vulnerability

Impact

Affected Products

Edimax GS-5008PL

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating