Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
Binardat 10G08-0800GSM Switch Predictable Session IDs Allow Session Hijacking
CVE-2026-27515
Summary
Old firmware versions of the Binardat 10G08-800GSM network switch generate session IDs that can be easily guessed by an attacker, allowing them to take control of sessions that are already authenticated. This could allow an attacker to access sensitive information or make changes to the switch's settings. Update to the latest firmware version to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| binardat | 10g08-0800gsm_firmware | <= V300SP10260209 | – |
Original title
Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 generate predictable numeric session identifiers in the web management interface. An attacker can guess valid session...
Original description
Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 generate predictable numeric session identifiers in the web management interface. An attacker can guess valid session IDs and hijack authenticated sessions.
nvd CVSS3.1
9.1
nvd CVSS4.0
9.3
Vulnerability type
CWE-330
Use of Insufficiently Random Values
Published: 24 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026