← Volver a CVEs
CVE-2026-27517
MEDIUM6.1
Descripcion
Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior reflect unsanitized user input in the web interface, allowing an attacker to inject and execute arbitrary JavaScript in the context of an authenticated user.
Detalles CVE
Puntuacion CVSS v3.16.1
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado2/24/2026
Ultima modificacion3/2/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
binardat:10g08-0800gsmbinardat:10g08-0800gsm_firmware
Debilidades (CWE)
CWE-79
Referencias
https://www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switch(disclosure@vulncheck.com)
https://www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-xss(disclosure@vulncheck.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.