Vulnerability Details CVE-2026-32839
Edimax GS-5008PL firmware version 1.00.54 and prior contain a cross-site request forgery vulnerability that allows remote attackers to perform unauthorized administrative actions by inducing logged-in administrators to visit malicious pages. Attackers can exploit the lack of anti-CSRF tokens and request validation to change passwords, upload firmware, reboot the device, perform factory resets, or modify network configurations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.5%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2026-32839
-
cpe:2.3:h:edimax:gs-5008pl:-
-
cpe:2.3:o:edimax:gs-5008pl_firmware:*