CVE-2026-23678

HighPublic PoC

Published: 24 February 2026

Published

24 February 2026

Modified

25 February 2026

KEV Added

—

Patch

—

CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0035 57.6th percentile

Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior contain a command injection vulnerability in the traceroute diagnostic function of the affected device web management interface. By injecting the %1a character into the hostname parameter, an authenticated attacker with access…

to the web interface can execute arbitrary CLI commands on the device.

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match

prevent

Directly requires validation of untrusted inputs like the hostname parameter in the traceroute function to block command injection exploits.

SI-2 Flaw Remediation good match

prevent

Mandates timely remediation of identified flaws, such as patching the firmware vulnerability enabling arbitrary CLI command execution.

CM-7 Least Functionality good match

prevent

Enforces least functionality by prohibiting or restricting unnecessary diagnostic features like the vulnerable traceroute function in the web interface.

Security SummaryAI

CVE-2026-23678 is a command injection vulnerability (CWE-78) in the traceroute diagnostic function of the web management interface on Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior. Published on 2026-02-24, it has a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its potential for significant impact on confidentiality, integrity, and availability.

An authenticated attacker with access to the web management interface can exploit the vulnerability remotely by injecting the %1a character into the hostname parameter during traceroute execution. This allows the attacker to run arbitrary CLI commands on the underlying device, enabling full control over the switch's operations.

Mitigation guidance is available in advisories and vendor resources, including the VulnCheck advisory at https://www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-traceroute-cli-command-injection and the Binardat product page at https://www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switch.

Details

CWE(s): CWE-78

Affected Products

binardat

10g08-0800gsm firmware

≤ V300SP10260209

MITRE ATT&CK Enterprise TechniquesAI

T1059.008 Network Device CLI Execution

Adversaries may abuse scripting or built-in command line interpreters (CLI) on network devices to execute malicious command and payloads.

attack.mitre.org →

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

CVE enables command injection in web management interface, directly facilitating Network Device CLI execution (T1059.008) and exploitation of a public-facing web application (T1190).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://www.binardat.com/products/8-port-10-gigabit-sfp-managed-switch,-support-1g-sfp-and-10g-sfp-module,-160gbps-bandwidth,-l3-web-managed,-metal-fanless-fiber-binardat-network-switch
Product · disclosure@vulncheck.com
https://www.vulncheck.com/advisories/binardat-10g08-0800gsm-network-switch-traceroute-cli-command-injection
Third Party Advisory · disclosure@vulncheck.com