10g08 0800gsm Firmware
CVE-2026-27519
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
2DescriptionCVE.org
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections.
AnalysisAI
Binardat 10G08-0800GSM network switches version V300SP10260209 and earlier expose a hardcoded RC4 encryption key in client-side JavaScript, allowing unauthenticated remote attackers to decrypt sensitive configuration data and compromise network confidentiality. The static key weakness eliminates the intended cryptographic protection for protected values transmitted to and from the device.
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Binardat 10G08-0800GSM network switch firmware version V300SP10260209 or prior with web management interface enabled. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | CVSS 7.5 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A remote attacker could exploit this vulnerability to compromise the affected system. |
| Remediation | Monitor vendor advisories for a patch. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all Binardat 10G08-0800GSM switches in production and document firmware versions; restrict administrative access to these devices to trusted networks only. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in 10g08 0800gsm Firmware
View allHardcoded admin credentials in Binardat 10G08-0800GSM network switch firmware V300SP10260209 and prior. Known credential
Predictable session identifiers in Binardat 10G08-0800GSM network switch. Numeric session IDs are easily guessable, enab
Authenticated attackers can achieve remote code execution on Binardat 10G08-0800GSM network switches by injecting the %1
10G08-0800Gsm Firmware is affected by improper restriction of excessive authentication attempts (CVSS 7.5).
Binardat 10G08-0800GSM network switch firmware versions before V300SP10260209 expose user credentials by storing passwor
Binardat 10G08-0800GSM network switch firmware prior to V300SP10260209 stores administrative credentials in plaintext wi
Stored cross-site scripting in Binardat 10G08-0800GSM network switch firmware through version V300SP10260209 enables att
Unauthorized configuration changes in Binardat 10G08-0800GSM network switches (firmware V300SP10260209 and prior) result
Same weakness CWE-321 – Use of Hard-coded Cryptographic Key
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today