CVE-2026-27521
Received Received - Intake
Brute-Force Vulnerability in Binardat 10G08-0800GSM Switch Firmware

Publication date: 2026-02-24

Last updated on: 2026-03-02

Assigner: VulnCheck

Description
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or account lockout on failed login attempts, enabling brute-force attacks against user credentials.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-24
Last Modified
2026-03-02
Generated
2026-06-16
AI Q&A
2026-02-24
EPSS Evaluated
2026-06-14
NVD
CVE-2026-27521
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
binardat 10g08-0800gsm_firmware to V300SP10260209 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-307 The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-27521 affects the Binardat 10G08-0800GSM network switch firmware versions V300SP10260209 and earlier. The vulnerability exists because the firmware does not implement any rate limiting or account lockout mechanisms on failed login attempts.

This lack of restriction allows attackers to perform brute-force attacks, repeatedly trying different user credentials without any limitation, to gain unauthorized access.

Impact Analysis

[{'type': 'paragraph', 'content': 'The vulnerability can lead to unauthorized access to the network switch by allowing attackers to guess user credentials through brute-force attacks.'}, {'type': 'paragraph', 'content': "This can compromise the confidentiality and integrity of the device's data and settings, potentially allowing attackers to disrupt network operations or gain further access within the network."}] [1]

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by monitoring for repeated failed login attempts on the Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior. Since the firmware does not implement rate limiting or account lockout, a high volume of failed authentication attempts from the same source or targeting the same account may indicate exploitation attempts.'}, {'type': 'paragraph', 'content': "Commands to detect such activity would typically involve checking the device's authentication logs for repeated failed login attempts. For example, on the network switch or a connected logging server, you might use commands like:"}, {'type': 'list_item', 'content': "grep 'failed login' /var/log/auth.log"}, {'type': 'list_item', 'content': "tail -f /var/log/auth.log | grep 'authentication failure'"}, {'type': 'list_item', 'content': 'show logging | include failed-login (if supported by the device CLI)'}, {'type': 'paragraph', 'content': 'Additionally, network monitoring tools can be configured to alert on multiple failed login attempts from the same IP address within a short time frame.'}] [1]

Mitigation Strategies

Immediate mitigation steps include implementing rate limiting or account lockout mechanisms on the affected Binardat 10G08-0800GSM network switch to prevent brute-force attacks on user credentials.

Since the firmware versions V300SP10260209 and prior do not have these protections, you should:

  • Restrict network access to the management interface of the switch to trusted IP addresses only.
  • Use strong, complex passwords for all user accounts.
  • Monitor authentication logs closely for signs of brute-force attempts.
  • If available, upgrade the firmware to a version that includes rate limiting or account lockout features.

These steps will help reduce the risk of unauthorized access until a firmware update or patch is applied.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-27521. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart