CVE-2017-20234

CRITICAL 9.8

GarrettCom Magnum 6K and 10K Authentication Bypass via Hardcoded String

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

6th

GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated attackers to gain unauthorized access by exploiting a hardcoded string in the authentication mechanism. Attackers can bypass login controls to access administrative functions and sensitive switch configuration without valid credentials.

CWE	CWE-798
Vendor	belden
Product	garrettcom magnum 6k and 10k managed switches
Published	Apr 3, 2026
Last Updated	Apr 6, 2026

Stay Ahead of the Next One

Get instant alerts for belden garrettcom magnum 6k and 10k managed switches

Be the first to know when new critical vulnerabilities affecting belden garrettcom magnum 6k and 10k managed switches are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Belden / GarrettCom Magnum 6K and 10K Managed Switches

0 ≤ 4.6.0 0 ≤ 4.7.6

References

NVD ↗ CVE.org ↗ EPSS Data ↗

assets.belden.com: https://assets.belden.com/m/114be964b4651983/original/Security-Bulletin-MNS-6K-10K-GarrettCom-BSECV-2017-08.pdf vulncheck.com: https://www.vulncheck.com/advisories/garrettcom-magnum-6k-and-10k-authentication-bypass-via-hardcoded-string