CVE-2026-27519

Summary

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior use RC4 with a hard-coded key embedded in client-side JavaScript. Because the key is static and exposed, an attacker can decrypt protected values and defeat confidentiality protections.

Affected Software

VendorProductVersion RangeStatus
Binardat Ltd.10G08-0800GSM Network Switch0 <= V300SP10260209affected

Weaknesses

  • CWE-321: CWE-321 Use of Hard-coded Cryptographic Key
  • CWE-327: CWE-327 Use of a Broken or Risky Cryptographic Algorithm

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References