CVE-2026-23678

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command injection vulnerability in the traceroute diagnostic function of the affected device web management interface. By injecting the %1a character into the hostname parameter, an authenticated attacker wi...

CVE-2026-27507

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows full administrative access to the device...

CVE-2026-27521

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or account lockout on failed login attempts, enabling brute-force attacks against user credentials...

CVE-2026-27521 Binardat 10G08-0800GSM Network Switch Missing Login Rate Limiting

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or account lockout on failed login attempts, enabling brute-force attacks against user credentials...

CVE-2026-27521

CVE-2026-27521 affects Binardat 10G08-0800GSM network switch firmware, specifically versions prior to V300SP10260209. The root issue is the absence of rate limiting and account lockout on failed login attempts, enabling brute-force credential attacks. Multiple sources (NVD/Red Hat/CIRCLOSV) corro...

CVE-2026-27520 Binardat 10G08-0800GSM Network Switch Base64-encoded Password Stored in Cookie

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side cookie as a Base64-encoded value accessible via the web interface. Because Base64 is reversible and provides no confidentiality, an attacker who can access the cookie value can...

CVE-2026-27518 Binardat 10G08-0800GSM Network Switch CSRF

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior lack CSRF protections for state-changing actions in the administrative interface. An attacker can trick an authenticated administrator into performing unauthorized configuration changes...

CVE-2026-27507 Binardat 10G08-0800GSM Network Switch Hard-coded Credentials

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows full administrative access to the device...

CVE-2026-27507

The affected product is Binardat 10G08-0800GSM network switch (firmware V300SP10260209 and earlier). The root cause is hard-coded administrative credentials in the firmware that users cannot change, which grants full administrative access when known. This creates a critical impact on confidential...

PT-2026-21756

Name of the Vulnerable Software and Affected Versions Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 Description The Binardat 10G08-0800GSM network switch firmware does not have Cross-Site Request Forgery CSRF protections for actions that change the system's state...

PT-2026-21753

Name of the Vulnerable Software and Affected Versions Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 Description The web management interface generates predictable numeric session identifiers. This predictability allows an attacker to guess valid session IDs,...

PT-2026-21752

Name of the Vulnerable Software and Affected Versions Binardat 10G08-0800GSM network switch firmware versions V300SP10260209 and prior Description The Binardat 10G08-0800GSM network switch firmware contains hard-coded administrative credentials that cannot be altered by users. Obtaining these...

PT-2026-21755

Name of the Vulnerable Software and Affected Versions Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 Description The web interface does not properly sanitize user input, which allows an attacker to inject and execute arbitrary JavaScript code within the context of...

PT-2026-21754

Name of the Vulnerable Software and Affected Versions Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 Description The firmware exposes user passwords in plaintext within the administrative interface and HTTP responses, potentially allowing recovery of valid...

Binardat 10G08-0800GSM 信任管理问题漏洞

Binardat 10G08-0800GSM is a high-performance switch from the Chinese company Binardat. The Binardat 10G08-0800GSM Network Switch V300SP10260209 and earlier versions have a vulnerability related to trust management. This vulnerability stems from hardcoded management credentials that cannot be...

Binardat 10G08-0800GSM 操作系统命令注入漏洞

Binardat 10G08-0800GSM is a high-performance switch from the Chinese company Binardat. The firmware version V300SP10260209 and earlier of the Binardat 10G08-0800GSM network switch has a vulnerability related to operating system command injection. This vulnerability stems from command injection...