CVE-2026-27516
Published: 24 February 2026
Summary
CVE-2026-27516 is a high-severity Insertion of Sensitive Information Into Sent Data (CWE-201) vulnerability in Binardat 10G08-0800Gsm Firmware. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 5.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Threat & Defense at a Glance
Threat & Defense Details
Likely Mitigating ControlsAI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Embedding taints allows detection when sensitive data is inserted into outbound or sent data streams.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability exposes plaintext passwords in the unauthenticated administrative web interface and HTTP responses of a network switch (public-facing application), directly enabling credential recovery via T1190 and facilitating T1552 Unsecured Credentials access that can lead to administrative control.
NVD Description
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior expose user passwords in plaintext within the administrative interface and HTTP responses, allowing recovery of valid credentials.
Deeper analysisAI
CVE-2026-27516 is a vulnerability in the Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior, where user passwords are exposed in plaintext within the administrative interface and HTTP responses. This flaw allows recovery of valid credentials and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). It maps to CWE-201 (Exposure of Sensitive Information to an Unauthorized Actor) and CWE-317 (Cleartext Storage of Sensitive Information).
The vulnerability can be exploited by any unauthenticated attacker with network access to the affected switch, requiring low complexity and no user interaction. Successful exploitation enables the attacker to read plaintext passwords from the admin interface or HTTP responses, compromising confidentiality and potentially leading to full administrative control over the device.
Advisories and vendor resources provide further details on the issue, including the VulnCheck advisory at https://www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-plaintext-password-exposure and the Binardat product page at https://www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switch.
Details
- CWE(s)