Unrated severityNVD Advisory· Published Feb 24, 2026· Updated Feb 26, 2026
Binardat 10G08-0800GSM Network Switch Base64-encoded Password Stored in Cookie
CVE-2026-27520
Description
Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side cookie as a Base64-encoded value accessible via the web interface. Because Base64 is reversible and provides no confidentiality, an attacker who can access the cookie value can recover the plaintext password.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: < V300SP10260209
- Binardat Ltd./10G08-0800GSM Network Switchv5Range: 0
Patches
Vulnerability mechanics
References
2- www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-base64-encoded-password-stored-in-cookiemitrethird-party-advisory
- www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switchmitreproduct
News mentions
0No linked articles in our index yet.