CVE-2026-27516
Published: 24 February 2026
Summary
CVE-2026-27516 is a high-severity Insertion of Sensitive Information Into Sent Data (CWE-201) vulnerability in Binardat 10G08-0800Gsm Firmware. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 7.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 IA-5 (Authenticator Management) and SC-28 (Protection of Information at Rest).
Deeper analysis
CVE-2026-27516 is a vulnerability in the Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior, where user passwords are exposed in plaintext within the administrative interface and HTTP responses. This flaw allows recovery of valid credentials and carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). It maps to CWE-201 (Exposure of Sensitive Information to an Unauthorized Actor) and CWE-317 (Cleartext Storage of Sensitive Information).
The vulnerability can be exploited by any unauthenticated attacker with network access to the affected switch, requiring low complexity and no user interaction. Successful exploitation enables the attacker to read plaintext passwords from the admin interface or HTTP responses, compromising confidentiality and potentially leading to full administrative control over the device.
Advisories and vendor resources provide further details on the issue, including the VulnCheck advisory at https://www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-plaintext-password-exposure and the Binardat product page at https://www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switch.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-8533
Vulnerability details
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior expose user passwords in plaintext within the administrative interface and HTTP responses, allowing recovery of valid credentials.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability exposes plaintext passwords in the unauthenticated administrative web interface and HTTP responses of a network switch (public-facing application), directly enabling credential recovery via T1190 and facilitating T1552 Unsecured Credentials access that can lead to administrative control.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Requires timely identification, reporting, and correction of flaws like this firmware vulnerability exposing plaintext passwords in the administrative interface and HTTP responses.
Mandates cryptographic mechanisms to protect sensitive information such as passwords at rest, directly preventing plaintext storage and exposure in interfaces and responses.
Requires protection of authenticator content from unauthorized disclosure and modification, addressing the plaintext exposure of user passwords.