CVE-2026-32838

Published: Mar 17, 2026 Last Modified: Mar 17, 2026

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 8,7

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Confidentiality: N/A

Integrity: N/A

Availability: N/A

HIGH 7,5

Source: [email protected]

Attack Vector: network

Attack Complexity: low

Privileges Required: none

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: none

Availability: none

Description

AI Translation Available

Edimax GS-5008PL firmware version 1.00.54 and prior use cleartext HTTP for the web management interface without implementing TLS or SSL encryption. Attackers on the same network can intercept management traffic to capture administrator credentials and sensitive configuration data.

319

Cleartext Transmission of Sensitive Information

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Confidentiality

Potential Impacts:

Read Application Data Modify Files Or Directories Other

Applicable Platforms

Technologies: Cloud Computing, ICS/OT, Mobile, Not Technology-Specific, System on Chip, Test/Debug Hardware

Likelihood of Exploit: High

View CWE Details

https://www.edimax.com/edimax/merchandise/merchandise_detai…

https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/us/smb…

https://www.edimax.com/edimax/merchandise/merchandise_list/…

https://www.edimax.com/edimax/merchandise/merchandise_list/data/edimax/us/smb_l…

https://www.vulncheck.com/advisories/edimax-gs-5008pl-trans…

https://www.vulncheck.com/advisories/edimax-gs-5008pl-transmits-credentials-ove…

CVE-2026-32838

Description

Cleartext Transmission of Sensitive Information

Common Consequences

Applicable Platforms

Iscriviti alla newsletter