CVE-2026-27507
Hardcoded Admin Credentials in Binardat 10G08-0800GSM Switch Firmware
Publication date: 2026-02-24
Last updated on: 2026-02-25
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| binardat | 10g08-0800gsm_firmware | to V300SP10260209 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-798 | The product contains hard-coded credentials, such as a password or cryptographic key. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-27507 affects the Binardat 10G08-0800GSM network switch, specifically firmware versions V300SP10260209 and earlier. The vulnerability involves hard-coded administrative credentials embedded in the firmware that cannot be changed by users.
These fixed credentials grant full administrative access to the device if known, posing a critical security risk. This issue is classified under CWE-798 (Use of Hard-coded Credentials).
How can this vulnerability impact me? :
Knowledge of the hard-coded credentials allows attackers to gain complete administrative control over the affected network switches.
This means an attacker can fully compromise the device, potentially leading to unauthorized access, manipulation, or disruption of network operations.
The vulnerability has a high severity score (CVSS v4 base score of 9.3), indicating a critical impact on confidentiality, integrity, and availability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves hard-coded administrative credentials in the Binardat 10G08-0800GSM network switch firmware versions V300SP10260209 and earlier. Detection typically involves verifying if the device is running an affected firmware version and testing for the presence of these fixed credentials.
To detect the vulnerability on your network or system, you can:
- Check the firmware version of your Binardat 10G08-0800GSM network switch to see if it is V300SP10260209 or earlier.
- Attempt to log in to the device using the known hard-coded administrative credentials if available from vendor advisories or security reports.
- Use network scanning tools to identify devices running the vulnerable firmware.
Specific commands are not provided in the available resources, but typical commands might include:
- Using SSH or Telnet to connect to the device and attempt login with default or known hard-coded credentials.
- Querying the device for its firmware version via SNMP or device management interfaces.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps for this vulnerability include:
- Identify and isolate affected Binardat 10G08-0800GSM network switches running firmware version V300SP10260209 or earlier.
- Restrict network access to these devices to trusted management networks only, minimizing exposure to untrusted networks.
- Monitor network traffic and device logs for unauthorized access attempts using the hard-coded credentials.
- Contact the vendor or check for firmware updates or patches that address the hard-coded credential issue.
- If no patch is available, consider replacing the affected devices or implementing compensating controls such as network segmentation and strict access controls.