Advisory - Title: Binardat 10G08-0800GSM Network Switch Missing Login Rate Limiting - Severity: Medium - Date: 2/24/2026 Vulnerability Details - Affected Product: Binardat 10G08-0800GSM Network Switch firmware <= V300SP10260209 - CVE ID: CVE-2026-27521 - CWE ID: CWE-307 Improper Restriction of Excessive Authentication Attempts - CVSS V4 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N References - Binardat Product Page Credit - Kazuma Matsumoto, a security researcher at GMO Cybersecurity by IERAE, Inc. Description - Binardat 10G08-0800GSM network switch firmware version V300SP10260209 and prior do not implement rate limiting or account lockout on failed login attempts, enabling brute-force attacks against user credentials.