CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2026-25073

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a stored cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary script content through the System Name field. Attackers can inject malicious scripts that execute in a victim's browser when the stored value is viewed due to improper output encoding.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.2%

CVSS Severity

CVSS v3 Score 5.4

References

https://openwrt.org/toh/xikestor/sks8310-8x?s%5B%5D=xikestor&s%5B%5D=sks8310&s%5B%5D=8x
https://www.aliexpress.com/i/3256808697772710.html

Products affected by CVE-2026-25073

Seekswan » Zikestor Sks8310-8x » Version: N/A

cpe:2.3:h:seekswan:zikestor_sks8310-8x:-
Seekswan » Zikestor Sks8310-8x Firmware » Version: Any

cpe:2.3:o:seekswan:zikestor_sks8310-8x_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-25073

Products

Pricing

Contact Us