Edimax GS-5008PL firmware versions 1.00.54 and prior contain an authentication bypass vulnerability that allows unauthenticated attackers to access the management interface. Attackers can exploit the global authentication flag mechanism to gain administrative access without credentials after any user authenticates, enabling unauthorized password changes, firmware uploads, and configuration modifications.
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XEdimax Gs 5008pl
HWEdimaxwszystkie wersjeEdimax Gs 5008pl Firmware
OSEdimax≤ 1.00.54
Related vulnerabilities
Edimax GS-5008PL firmware version 1.00.54 and prior use cleartext HTTP for the web management interface withou...
Edimax GS-5008PL firmware version 1.00.54 and prior contain an insecure credential storage vulnerability that ...
Edimax GS-5008PL firmware version 1.00.54 and prior contain a cross-site request forgery vulnerability that al...
Edimax GS-5008PL firmware version 1.00.54 and prior contain a stored cross-site scripting vulnerability in the...
Edimax IC-7100: Command Injection umożliwiający zdalny RCE