Lucene search
+L

8 matches found

redhatcve
redhatcve
added 2026/02/25 4:16 p.m.7 views

CVE-2026-23678

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command injection vulnerability in the traceroute diagnostic function of the affected device web management interface. By injecting the %1a character into the hostname parameter, an authenticated attacker wi...

8.8CVSS6AI score0.01224EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/02/25 4:16 p.m.5 views

CVE-2026-27507

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows full administrative access to the device...

9.8CVSS5.4AI score0.00365EPSS
Exploits1References1
osv
osv
added 2026/02/24 4:24 p.m.5 views

CVE-2026-27521

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or account lockout on failed login attempts, enabling brute-force attacks against user credentials...

7.5CVSS5.8AI score0.00246EPSS
Exploits0References2
cve
cve
added 2026/02/24 3:8 p.m.17 views

CVE-2026-27521

CVE-2026-27521 affects Binardat 10G08-0800GSM network switch firmware, specifically versions prior to V300SP10260209. The root issue is the absence of rate limiting and account lockout on failed login attempts, enabling brute-force credential attacks. Multiple sources (NVD/Red Hat/CIRCLOSV) corro...

7.5CVSS5.3AI score0.00246EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/02/24 3:8 p.m.21 views

CVE-2026-27521 Binardat 10G08-0800GSM Network Switch Missing Login Rate Limiting

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or account lockout on failed login attempts, enabling brute-force attacks against user credentials...

7.5CVSS0.00246EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/02/24 3:7 p.m.2 views

CVE-2026-27520 Binardat 10G08-0800GSM Network Switch Base64-encoded Password Stored in Cookie

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side cookie as a Base64-encoded value accessible via the web interface. Because Base64 is reversible and provides no confidentiality, an attacker who can access the cookie value can...

8.7CVSS5.3AI score0.00196EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/02/24 12:0 a.m.5 views

PT-2026-21755

Name of the Vulnerable Software and Affected Versions Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 Description The web interface does not properly sanitize user input, which allows an attacker to inject and execute arbitrary JavaScript code within the context of...

6.1CVSS5.7AI score0.00139EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/02/24 12:0 a.m.8 views

PT-2026-21754

Name of the Vulnerable Software and Affected Versions Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 Description The firmware exposes user passwords in plaintext within the administrative interface and HTTP responses, potentially allowing recovery of valid...

8.6CVSS5.2AI score0.00179EPSS
Exploits0References8
Rows per page
Query Builder