CVE-2026-27507
Received Received - Intake
Hardcoded Admin Credentials in Binardat 10G08-0800GSM Switch Firmware

Publication date: 2026-02-24

Last updated on: 2026-02-25

Assigner: VulnCheck

Description
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain hard-coded administrative credentials that cannot be changed by users. Knowledge of these credentials allows full administrative access to the device.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-24
Last Modified
2026-02-25
Generated
2026-06-16
AI Q&A
2026-02-24
EPSS Evaluated
2026-06-15
NVD
CVE-2026-27507
EUVD
EUVD-2026-8532
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
binardat 10g08-0800gsm_firmware to V300SP10260209 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-27507 affects the Binardat 10G08-0800GSM network switch, specifically firmware versions V300SP10260209 and earlier. The vulnerability involves hard-coded administrative credentials embedded in the firmware that cannot be changed by users.

These fixed credentials grant full administrative access to the device if known, posing a critical security risk. This issue is classified under CWE-798 (Use of Hard-coded Credentials).

Impact Analysis

Knowledge of the hard-coded credentials allows attackers to gain complete administrative control over the affected network switches.

This means an attacker can fully compromise the device, potentially leading to unauthorized access, manipulation, or disruption of network operations.

The vulnerability has a high severity score (CVSS v4 base score of 9.3), indicating a critical impact on confidentiality, integrity, and availability.

Compliance Impact

I don't know

Detection Guidance

This vulnerability involves hard-coded administrative credentials in the Binardat 10G08-0800GSM network switch firmware versions V300SP10260209 and earlier. Detection typically involves verifying if the device is running an affected firmware version and testing for the presence of these fixed credentials.

To detect the vulnerability on your network or system, you can:

  • Check the firmware version of your Binardat 10G08-0800GSM network switch to see if it is V300SP10260209 or earlier.
  • Attempt to log in to the device using the known hard-coded administrative credentials if available from vendor advisories or security reports.
  • Use network scanning tools to identify devices running the vulnerable firmware.

Specific commands are not provided in the available resources, but typical commands might include:

  • Using SSH or Telnet to connect to the device and attempt login with default or known hard-coded credentials.
  • Querying the device for its firmware version via SNMP or device management interfaces.
Mitigation Strategies

Immediate mitigation steps for this vulnerability include:

  • Identify and isolate affected Binardat 10G08-0800GSM network switches running firmware version V300SP10260209 or earlier.
  • Restrict network access to these devices to trusted management networks only, minimizing exposure to untrusted networks.
  • Monitor network traffic and device logs for unauthorized access attempts using the hard-coded credentials.
  • Contact the vendor or check for firmware updates or patches that address the hard-coded credential issue.
  • If no patch is available, consider replacing the affected devices or implementing compensating controls such as network segmentation and strict access controls.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-27507. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart