Unrated severityNVD Advisory· Published Mar 7, 2026· Updated Mar 10, 2026
XikeStor SKS8310-8X PingTestSet Command Injection
CVE-2026-25070
Description
XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain an OS command injection vulnerability in the /goform/PingTestSet endpoint that allows unauthenticated remote attackers to execute arbitrary operating system commands. Attackers can inject malicious commands through the destIp parameter to achieve remote code execution with root privileges on the network switch.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=1.04.B07
- Anhui Seeker Electronic Technology Co., LTD./XikeStor SKS8310-8Xv5Range: 0
Patches
Vulnerability mechanics
References
2- openwrt.org/toh/xikestor/sks8310-8xmitreproduct
- www.aliexpress.com/i/3256808697772710.htmlmitreproduct
News mentions
0No linked articles in our index yet.