CVE-2026-27515

CRITICAL
2026-02-24 [email protected]
9.1
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:55 vuln.today
CVE Published
Feb 24, 2026 - 16:24 nvd
CRITICAL 9.1

Tags

Information Disclosure 10g08 0800gsm Firmware

Description

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 generate predictable numeric session identifiers in the web management interface. An attacker can guess valid session IDs and hijack authenticated sessions.

Analysis

Predictable session identifiers in Binardat 10G08-0800GSM network switch. Numeric session IDs are easily guessable, enabling session hijacking.

Sign in for full analysis, threat intelligence, and remediation guidance.

Remediation

Within 24 hours: Identify all Binardat 10G08-0800GSM switches in your environment and document current firmware versions; restrict web management access to trusted IP ranges only. Within 7 days: Implement network segmentation to isolate management interfaces; enable audit logging for all web management activity; consider disabling web management if out-of-band management alternatives exist. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Priority Score

46
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +46
POC: 0

Share

CVE-2026-27515 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy