10g08 0800gsm Firmware
CVE-2026-27515
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
2DescriptionCVE.org
Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 generate predictable numeric session identifiers in the web management interface. An attacker can guess valid session IDs and hijack authenticated sessions.
AnalysisAI
Predictable session identifiers in Binardat 10G08-0800GSM network switch. Numeric session IDs are easily guessable, enabling session hijacking.
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 with web management interface enabled. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | CVSS 9.1. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | Attacker predicts numeric session ID to hijack active admin session on the network switch. |
| Remediation | Update firmware. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all Binardat 10G08-0800GSM switches in your environment and document current firmware versions; restrict web management access to trusted IP ranges only. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in 10g08 0800gsm Firmware
View allHardcoded admin credentials in Binardat 10G08-0800GSM network switch firmware V300SP10260209 and prior. Known credential
Authenticated attackers can achieve remote code execution on Binardat 10G08-0800GSM network switches by injecting the %1
10G08-0800Gsm Firmware is affected by improper restriction of excessive authentication attempts (CVSS 7.5).
Binardat 10G08-0800GSM network switches version V300SP10260209 and earlier expose a hardcoded RC4 encryption key in clie
Binardat 10G08-0800GSM network switch firmware versions before V300SP10260209 expose user credentials by storing passwor
Binardat 10G08-0800GSM network switch firmware prior to V300SP10260209 stores administrative credentials in plaintext wi
Stored cross-site scripting in Binardat 10G08-0800GSM network switch firmware through version V300SP10260209 enables att
Unauthorized configuration changes in Binardat 10G08-0800GSM network switches (firmware V300SP10260209 and prior) result
Same weakness CWE-330 – Use of Insufficiently Random Values
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today