CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-27520

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side cookie as a Base64-encoded value accessible via the web interface. Because Base64 is reversible and provides no confidentiality, an attacker who can access the cookie value can recover the plaintext password.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.4%

CVSS Severity

CVSS v3 Score 7.5

References

https://www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switch
https://www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-base64-encoded-password-stored-in-cookie

Products affected by CVE-2026-27520

Binardat » 10g08-0800gsm » Version: N/A

cpe:2.3:h:binardat:10g08-0800gsm:-
Binardat » 10g08-0800gsm Firmware » Version: Any

cpe:2.3:o:binardat:10g08-0800gsm_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-27520

Products

Pricing

Contact Us