Platform
linux
Component
edimax-gs-5008pl
Fixed in
1.0.55
CVE-2026-32839 describes a cross-site request forgery (CSRF) vulnerability present in Edimax GS-5008PL network switches. This flaw allows a remote attacker to trick authenticated administrators into unknowingly executing malicious commands, potentially gaining control of the device. The vulnerability impacts versions 1.0.0 through 1.0.54 and has been resolved in version 1.0.55.
The CSRF vulnerability in the Edimax GS-5008PL switch allows an attacker to execute arbitrary administrative actions on behalf of a logged-in user. This includes, but is not limited to, changing administrator passwords, uploading malicious firmware, rebooting the device, performing factory resets, and modifying network configurations. Successful exploitation could lead to a complete compromise of the switch, enabling the attacker to intercept network traffic, disrupt services, or use the switch as a pivot point for further attacks within the network. The lack of proper anti-CSRF protections, such as request validation or CSRF tokens, makes this vulnerability particularly dangerous.
CVE-2026-32839 was publicly disclosed on March 17, 2026. There is no indication of active exploitation or inclusion on the CISA KEV catalog at this time. Public proof-of-concept (PoC) code is currently unavailable, but the relatively simple nature of CSRF vulnerabilities suggests that PoCs may emerge. The vulnerability's impact is amplified by the widespread deployment of small business network switches like the Edimax GS-5008PL.
Exploit Status
EPSS
0.03% (7% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-32839 is to upgrade the Edimax GS-5008PL switch firmware to version 1.0.55 or later. If an immediate upgrade is not feasible due to compatibility concerns or testing requirements, consider implementing temporary workarounds. These may include restricting administrative access to the switch from untrusted networks, implementing multi-factor authentication (MFA) for administrative accounts, and carefully reviewing any configuration changes made through the web interface. Monitoring network traffic for suspicious requests targeting the switch's administrative interface can also help detect potential exploitation attempts. After upgrading, verify the fix by attempting a CSRF attack via a crafted URL and confirming that the action is denied.
Update the Edimax GS-5008PL device firmware to version 1.0.55 or higher to mitigate the CSRF vulnerability. Verify the availability of the update on the manufacturer's website. Implement additional security measures, such as multi-factor authentication, to protect administrative access.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2026-32839 is a cross-site request forgery vulnerability affecting Edimax GS-5008PL switches, allowing attackers to perform unauthorized actions as administrators.
You are affected if your Edimax GS-5008PL switch is running version 1.0.0 through 1.0.54.
Upgrade your Edimax GS-5008PL switch firmware to version 1.0.55 or later. Consider temporary workarounds if an immediate upgrade is not possible.
There is currently no indication of active exploitation, but the vulnerability's nature suggests PoCs may emerge.
Refer to the Edimax security advisory for CVE-2026-32839 on the Edimax website (link not available at time of writing).
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.