Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.1
Binardat 10G08-0800GSM Network Switch Allows JavaScript Injection
CVE-2026-27517
Summary
If an attacker is authenticated on the network switch, they can inject malicious JavaScript code through the web interface, potentially taking control of the switch or stealing sensitive information. This is a serious issue because it could allow an attacker to manipulate the switch's settings or access sensitive data. Binardat needs to be patched to prevent this kind of attack.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| binardat | 10g08-0800gsm_firmware | <= V300SP10260209 | – |
Original title
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior reflect unsanitized user input in the web interface, allowing an attacker to inject and execute arbitrary JavaScript ...
Original description
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior reflect unsanitized user input in the web interface, allowing an attacker to inject and execute arbitrary JavaScript in the context of an authenticated user.
nvd CVSS3.1
6.1
nvd CVSS4.0
5.1
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
Published: 24 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026