CVE-2026-27520

Name of the Vulnerable Software and Affected Versions Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209

Description The firmware stores a user password in a client-side cookie as a Base64-encoded value accessible via the web interface. Base64 encoding is reversible and does not provide confidentiality, allowing an attacker who can access the cookie value to recover the plaintext password.

Recommendations Update to firmware version V300SP10260209 or later.