{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32840", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-03-16T18:11:41.758Z", "datePublished": "2026-03-17T21:42:08.065Z", "dateUpdated": "2026-05-08T14:03:05.690Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-05-08T14:03:05.690Z"}, "title": "Edimax GS-5008PL <= 1.00.54 Stored XSS via Device Name", "descriptions": [{"lang": "en", "value": "Edimax GS-5008PL firmware version 1.00.54 and prior contain a stored cross-site scripting vulnerability in the system_name_set.cgi script that allows attackers to inject arbitrary script code by manipulating the sysName parameter. Attackers can send a crafted POST request with malicious script payload that executes when management pages including system_data.js are viewed by administrators."}], "tags": ["unsupported-when-assigned"], "datePublic": "2026-03-18T00:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "affected": [{"vendor": "EDIMAX Technology Co., Ltd.", "product": "Edimax GS-5008PL", "versions": [{"status": "affected", "version": "0", "lessThanOrEqual": "1.0.54", "versionType": "semver"}], "defaultStatus": "unknown"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 5.1, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", "version": "3.1", "baseSeverity": "MEDIUM", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}}], "references": [{"url": "https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/us/smb_legacy_switches/gs-5008pl/", "tags": ["product"]}, {"url": "https://www.edimax.com/edimax/merchandise/merchandise_list/data/edimax/us/smb_legacy_products/", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/edimax-gs-5008pl-stored-xss-via-device-name", "tags": ["third-party-advisory"]}], "credits": [{"lang": "en", "value": "Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc.", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-18T20:09:50.690932Z", "id": "CVE-2026-32840", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-18T20:09:56.986Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-32840", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-18T20:09:50.690932Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-18T20:09:54.448Z"}}], "cna": {"tags": ["unsupported-when-assigned"], "title": "Edimax GS-5008PL <= 1.00.54 Stored XSS via Device Name", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc."}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "EDIMAX Technology Co., Ltd.", "product": "Edimax GS-5008PL", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "1.0.54"}], "defaultStatus": "unknown"}], "datePublic": "2026-03-18T00:00:00.000Z", "references": [{"url": "https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/us/smb_legacy_switches/gs-5008pl/", "tags": ["product"]}, {"url": "https://www.edimax.com/edimax/merchandise/merchandise_list/data/edimax/us/smb_legacy_products/", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/edimax-gs-5008pl-stored-xss-via-device-name", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.0"}, "descriptions": [{"lang": "en", "value": "Edimax GS-5008PL firmware version 1.00.54 and prior contain a stored cross-site scripting vulnerability in the system_name_set.cgi script that allows attackers to inject arbitrary script code by manipulating the sysName parameter. Attackers can send a crafted POST request with malicious script payload that executes when management pages including system_data.js are viewed by administrators."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-05-08T14:03:05.690Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32840", "state": "PUBLISHED", "dateUpdated": "2026-05-08T14:03:05.690Z", "dateReserved": "2026-03-16T18:11:41.758Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-17T21:42:08.065Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:edimax:gs-5008pl_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D7B2D27-F6A6-4646-ACC9-EEB3CA14C081", "versionEndIncluding": "1.00.54", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:edimax:gs-5008pl:-:*:*:*:*:*:*:*", "matchCriteriaId": "5804910F-1457-49D5-9FB1-8F131C771011", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [{"sourceIdentifier": "disclosure@vulncheck.com", "tags": ["unsupported-when-assigned"]}], "descriptions": [{"lang": "en", "value": "Edimax GS-5008PL firmware version 1.00.54 and prior contain a stored cross-site scripting vulnerability in the system_name_set.cgi script that allows attackers to inject arbitrary script code by manipulating the sysName parameter. Attackers can send a crafted POST request with malicious script payload that executes when management pages including system_data.js are viewed by administrators."}, {"lang": "es", "value": "Edimax GS-5008PL firmware versi\u00f3n 1.00.54 y anteriores contienen una vulnerabilidad de cross-site scripting almacenado en el script system_name_set.cgi que permite a los atacantes inyectar c\u00f3digo de script arbitrario manipulando el par\u00e1metro sysName. Los atacantes pueden enviar una solicitud POST manipulada con una carga \u00fatil de script malicioso que se ejecuta cuando las p\u00e1ginas de administraci\u00f3n, incluyendo system_data.js, son vistas por los administradores."}], "id": "CVE-2026-32840", "lastModified": "2026-03-19T14:04:08.787", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-17T22:16:14.850", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "https://www.edimax.com/edimax/merchandise/merchandise_detail/data/edimax/us/smb_legacy_switches/gs-5008pl/"}, {"source": "disclosure@vulncheck.com", "tags": ["Product"], "url": "https://www.edimax.com/edimax/merchandise/merchandise_list/data/edimax/us/smb_legacy_products/"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://www.vulncheck.com/advisories/edimax-gs-5008pl-stored-xss-via-device-name"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.00.54]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "inferred", "scores": [{"score": 100.0, "source": "inferred"}]}, "product": "edimax_gs-5008pl", "vendor": "edimax_technology"}], "analysis": {"en": {"generated_at": "2026-03-19T16:16:49.260752+00:00", "value": {"mitigation_remediation": ["Apply a firmware upgrade that is newer than version 1.00.54.", "If a firmware upgrade cannot be performed immediately, restrict access to the device\u2019s web\u2011interface to trusted administrators and isolate the switch on a secure internal network.", "After remediation, verify that the sysName field no longer accepts arbitrary script and that no injected scripts execute when administrative pages are loaded."], "summary": {"action": "Upgrade Firmware", "impact": "Stored Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "The impacted vendor is Edimax Technology Co., Ltd. The product affected is the Edimax GS\u20115008PL switch. All firmware builds version 1.00.54 and earlier are eligible for the vulnerability as indicated by the vendor\u2019s product listings and the CPE strings that reference the device and its firmware.", "description_and_impact": "A stored cross\u2011site scripting (XSS) flaw exists in Edimax GS\u20115008PL firmware versions 1.00.54 and earlier. The flaw allows an attacker to send a crafted POST request that sets the sysName parameter to a value containing JavaScript. When a management page that loads system_data.js is subsequently viewed by an administrator, the malicious script is executed in the browser context, giving the attacker the same privileges as the page viewer. Based on the description, it is inferred that an attacker with administrator view access could hijack the session, steal credentials, or alter configuration data.", "risk_and_exploitability": "The CVSS score of 5.1 indicates medium severity, while the EPSS score of less than 1% suggests a low likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires the attacker to send a crafted POST request to the device\u2019s web interface. The description does not state whether authentication is required; based on typical web\u2011interface behavior, it is inferred that the attacker must be able to reach the management port, which could be exposed over a local or public network. The attack vector is therefore likely local network or remote if the management interface is externally accessible. The overall risk is moderate, but it could become severe in environments where the switch\u2019s web interface is reachable from untrusted networks or the device is widely shared among administrators."}}}}, "created": "2026-03-18T10:42:46.120755+00:00", "updated": "2026-03-24T10:54:35.113433+00:00", "vendors": ["edimax_technology", "edimax_technology$PRODUCT$edimax_gs-5008pl"]}