CVE-2026-27518

Medium CVSS: 5.1

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior lack CSRF protections for state-changing actions in the administrative interface. An attacker can trick an authenticated administrator into performing unauthorized configuration changes.

Vendor

Binardat

Product

10g08-0800gsm Firmware

CWE

CWE-352

Yayın Tarihi

2026-02-24 16:24:09

Güncelleme

2026-02-25 17:13:33

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-352 10g08-0800gsm Firmware MEDIUM Binardat 2026

Referanslar

https://www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switch https://www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-csrf

Benzer Kayıtlar

Medium

CVE-2026-27521

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or accoun…

High

CVE-2026-27516

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior expose user passwords in plaintext withi…

Medium

CVE-2026-27517

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior reflect unsanitized user input in the we…

High

CVE-2026-27519

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded i…

High

CVE-2026-27520

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side c…

High

CVE-2026-23678

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command injection vulnerabilit…