Security Advisory

CVE-2026-27520

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-24 15:07:41

Last updated 2026-02-26 21:28:10

Assigner VulnCheck

State PUBLISHED

Description

Binardat 10G08-0800GSM network switch firmware versions prior to V300SP10260209 store a user password in a client-side cookie as a Base64-encoded value accessible via the web interface. Because Base64 is reversible and provides no confidentiality, an attacker who can access the cookie value can recover the plaintext password.

← Browse all CVEs View on cve.org ↗