CVE-2026-27517

Medium CVSS: 5.1

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior reflect unsanitized user input in the web interface, allowing an attacker to inject and execute arbitrary JavaScript in the context of an authenticated user.

Vendor

Binardat

Product

10g08-0800gsm Firmware

CWE

CWE-79

Yayın Tarihi

2026-02-24 16:24:09

Güncelleme

2026-03-02 15:16:37

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-79 10g08-0800gsm Firmware MEDIUM Binardat 2026

Referanslar

https://www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switch https://www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-xss

Benzer Kayıtlar

Medium

CVE-2026-27521

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or accoun…

High

CVE-2026-27516

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior expose user passwords in plaintext withi…

Medium

CVE-2026-27518

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior lack CSRF protections for state-changing…

High

CVE-2026-27519

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded i…

High

CVE-2026-27520

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side c…

High

CVE-2026-23678

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command injection vulnerabilit…