Binardat 10G08-0800GSM Network Switch Traceroute CLI Command Injection Vulnerability
Vulnerability
A command injection vulnerability has been identified in the Binardat 10G08-0800GSM network switch, affecting firmware versions through V300SP10260209. The vulnerability resides in the traceroute diagnostic function within the device's web management interface. An authenticated attacker with access to the web interface can exploit this issue by injecting the %1a character into the hostname parameter, allowing the execution of arbitrary CLI commands on the device.
Impact
Exploitation of this vulnerability allows for arbitrary command execution on the affected network switch via the command line interface.
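One way a web handler could validate the traceroute `hostname` parameter before it is passed to the CLI, shown as an added example that is not the vendor's code or a published fix. The names `validate_traceroute_target` and `InvalidTarget` are hypothetical, the parameter is assumed to arrive still percent-encoded, and the check goes beyond the single 0x1A byte named above by rejecting every control byte and anything outside an IP literal or RFC 1123 hostname.

```python
import ipaddress
import re
from urllib.parse import unquote_to_bytes

# RFC 1123 label: letters, digits, hyphen; 1-63 chars; no leading/trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


class InvalidTarget(ValueError):
    """Raised when a traceroute target fails validation (hypothetical name)."""


def validate_traceroute_target(raw: str) -> str:
    """Return a normalised host string, or raise InvalidTarget.

    `raw` is the hostname parameter as received, still percent-encoded.
    """
    decoded = unquote_to_bytes(raw)
    # Reject control bytes (0x00-0x1F, 0x7F) first; this covers %1a (0x1A).
    bad = [b for b in decoded if b < 0x20 or b == 0x7F]
    if bad:
        raise InvalidTarget(f"control byte 0x{bad[0]:02x} in hostname")
    try:
        text = decoded.decode("ascii")
    except UnicodeDecodeError:
        raise InvalidTarget("non-ASCII byte in hostname") from None
    # IPv4/IPv6 literals are accepted in normalised form.
    try:
        return str(ipaddress.ip_address(text))
    except ValueError:
        pass
    if not text or len(text) > 253:
        raise InvalidTarget("hostname length out of range")
    host = text.rstrip(".")
    if not all(_LABEL.fullmatch(label) for label in host.split(".")):
        raise InvalidTarget("hostname has characters outside [A-Za-z0-9.-]")
    return host


if __name__ == "__main__":
    # Constructed sample inputs, not captured traffic.
    for sample in ("192.0.2.10", "switch-1.example.net", "example.net%1aPLACEHOLDER"):
        try:
            print(repr(sample), "->", validate_traceroute_target(sample))
        except InvalidTarget as exc:
            print(repr(sample), "rejected:", exc)
```

Validation of this kind belongs on the device side of the web interface, and the validated value should be passed to the diagnostic as a single argument rather than spliced into a command string.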
