Edimax GS-5008PL firmware version 1.00.54 and prior contain an insecure credential storage vulnerability that allows attackers to obtain administrator credentials by accessing configuration backup files. Attackers can download the config.bin file through fupload.cgi to extract plaintext username and password fields for unauthorized administrative access.
oryginał ENCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XEdimax Gs 5008pl
HWEdimaxwszystkie wersjeEdimax Gs 5008pl Firmware
OSEdimax≤ 1.00.54
Powiązane podatności
Edimax GS-5008PL — pominięcie uwierzytelnienia w interfejsie zarządzania
Edimax GS-5008PL firmware version 1.00.54 and prior use cleartext HTTP for the web management interface withou...
Edimax GS-5008PL firmware version 1.00.54 and prior contain a cross-site request forgery vulnerability that al...
Edimax GS-5008PL firmware version 1.00.54 and prior contain a stored cross-site scripting vulnerability in the...
Edimax IC-7100: Command Injection umożliwiający zdalny RCE