Vulnerabilities

CVE-2026-25071 - XikeStor SKS8310-8X switch_config.src Missing Authentication

2026-03-07 0 views admin

CVE ID :CVE-2026-25071 Published : March 7, 2026, 12:20 a.m. | 1 hour, 5 minutes ago Description :XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switch_config.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to retrieve sensitive configuration information including VLAN settings and IP addressing details. Severity: 8.7 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-25071

Severity

HIGH

Published

March 7, 2026

Attack Vector: Network

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-25071high

CVE-2026-25071 - XikeStor SKS8310-8X switch_config.src Missing Authentication

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-1981 - Winston AI <= 0.0.3 - missing authorization to authenticated (subscriber+) arbitr...

CVE-2026-1644 - WP Frontend Profile <= 1.3.8 - cross-site request forgery to unauthorized user ac...

CVE-2026-25070 - XikeStor SKS8310-8X PingTestSet Command Injection

CVE-2026-25072 - XikeStor SKS8310-8X Predictable Session Identifiers

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting