CVE-2026-32842
Received Received - Intake
Insecure Credential Storage in Edimax GS-5008PL Firmware

Publication date: 2026-03-17

Last updated on: 2026-03-19

Assigner: VulnCheck

Description
Edimax GS-5008PL firmware version 1.00.54 and prior contain an insecure credential storage vulnerability that allows attackers to obtain administrator credentials by accessing configuration backup files. Attackers can download the config.bin file through fupload.cgi to extract plaintext username and password fields for unauthorized administrative access.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-17
Last Modified
2026-03-19
Generated
2026-06-16
AI Q&A
2026-03-18
EPSS Evaluated
2026-06-15
NVD
CVE-2026-32842
EUVD
EUVD-2026-12655
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
edimax gs-5008pl_firmware to 1.00.54 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-312 The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability exists in Edimax GS-5008PL firmware version 1.00.54 and earlier. It involves insecure credential storage where attackers can access configuration backup files, specifically the config.bin file, via the fupload.cgi interface. By downloading this file, attackers can extract plaintext administrator usernames and passwords, allowing unauthorized administrative access.

Impact Analysis

This vulnerability can lead to unauthorized administrative access to the affected device. An attacker who obtains the administrator credentials can potentially control the device, change configurations, disrupt network operations, or use the device as a foothold for further attacks within the network.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-32842. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart