VYPR
Unrated severityNVD Advisory· Published Feb 24, 2026· Updated Feb 26, 2026

Binardat 10G08-0800GSM Network Switch Base64-encoded Password Stored in Cookie

CVE-2026-27520

Description

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side cookie as a Base64-encoded value accessible via the web interface. Because Base64 is reversible and provides no confidentiality, an attacker who can access the cookie value can recover the plaintext password.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: < V300SP10260209
  • Binardat Ltd./10G08-0800GSM Network Switchv5
    Range: 0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.

CVE-2026-27520 · VYPR