Edimax GS-5008PL Insecure Credential Storage Vulnerability Allowing Unauthorized Administrative Access

Vulnerability

A vulnerability exists in the Edimax GS-5008PL switch, specifically in firmware versions through 1.00.54, due to insecure storage of credentials. This flaw enables attackers to retrieve administrator usernames and passwords from configuration backup files. The vulnerable 'fupload.cgi' component can be exploited to download these files, granting unauthorized access to administrative functions.

Impact

Exploitation of this vulnerability allows for unauthorized administrative access on the affected switch.

Added: Mar 17, 2026, 10:34 PM

Updated: Mar 17, 2026, 10:34 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.5

remediation

0.0

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.5

remediation

0.0

relevance

4.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Edimax GS-5008PL Insecure Credential Storage Vulnerability Allowing Unauthorized Administrative Access

Vulnerability

Impact

Affected Products

Edimax GS-5008PL

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating