CVE-2026-32839

Edimax GS-5008PL firmware version 1.00.54 and prior contain a cross-site request forgery vulnerability that allows remote attackers to perform unauthorized administrative actions by inducing logged-in administrators to visit malicious pages. Attackers can exploit the lack of anti-CSRF tokens and...

CVE-2026-32841

Edimax GS-5008PL firmware version 1.00.54 and prior contain an authentication bypass vulnerability that allows unauthenticated attackers to access the management interface. Attackers can exploit the global authentication flag mechanism to gain administrative access without credentials after any...

EUVD-2026-12647

Edimax GS-5008PL firmware version 1.00.54 and prior use cleartext HTTP for the web management interface without implementing TLS or SSL encryption. Attackers on the same network can intercept management traffic to capture administrator credentials and sensitive configuration data...

CVE-2026-32838

Edimax GS-5008PL firmware version 1.00.54 and prior use cleartext HTTP for the web management interface without implementing TLS or SSL encryption. Attackers on the same network can intercept management traffic to capture administrator credentials and sensitive configuration data...

CVE-2026-32841 Edimax GS-5008PL <= 1.00.54 Global Authentication State Across All Clients

Edimax GS-5008PL firmware versions 1.00.54 and prior contain an authentication bypass vulnerability that allows unauthenticated attackers to access the management interface. Attackers can exploit the global authentication flag mechanism to gain administrative access without credentials after any...

Edimax GS-5008PL 跨站脚本漏洞

The Edimax GS-5008PL is a Gigabit Ethernet switch produced by Edimax of Taiwan, China. Versions of the Edimax GS-5008PL prior to 1.00.54 contained a cross-site scripting vulnerability. This vulnerability stemmed from the systemnameset.cgi script, which had a storage-type cross-site scripting flaw...

PT-2026-25944

Edimax GS-5008PL firmware version 1.00.54 and prior use cleartext HTTP for the web management interface without implementing TLS or SSL encryption. Attackers on the same network can intercept management traffic to capture administrator credentials and sensitive configuration data...

PT-2026-25947

Edimax GS-5008PL firmware version 1.00.54 and prior contain an authentication bypass vulnerability that allows unauthenticated attackers to access the management interface. Attackers can exploit the global authentication flag mechanism to gain administrative access without credentials after any...

Intelbras SG 2404 MR 安全漏洞

The Intelbras SG 2404 MR is a switch with network management capabilities from Intelbras of Brazil. A security vulnerability exists in the Intelbras SG 2404 MR version 1.00.54, which stems from an authentication bypass that allows an unauthenticated attacker to download a backup file of the devic...

CVE-2023-29780

Third Reality Smart Blind 1.00.54 contains a denial-of-service vulnerability, which allows a remote attacker to send malicious Zigbee messages to a vulnerable device and cause crashes...

Third Reality Smart Blind 输入验证错误漏洞

Third Reality Smart Blind is a smart blind from Third Reality. A security vulnerability exists in Third Reality Smart Blind version 1.00.54. An attacker exploited the vulnerability to send a malicious Zigbee message to a vulnerable device and cause a crash...

PT-2023-22417 · Third Reality · Third Reality Smart Blind

Name of the Vulnerable Software and Affected Versions: Third Reality Smart Blind version 1.00.54 Description: The issue allows a remote attacker to send malicious Zigbee messages to a vulnerable device, causing it to crash. This is a denial-of-service vulnerability. Recommendations: For Third...

Out-of-bounds

CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has two out-of-bounds read vulnerabilities could cause the software to crash due to lacking user input validation for processing project files. Which may allow an attacker to gain remote code execution with administrator privileg...