Unrated severityNVD Advisory· Published Mar 7, 2026· Updated Mar 10, 2026

XikeStor SKS8310-8X Stored XSS via System Name

CVE-2026-25073

Description

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a stored cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary script content through the System Name field. Attackers can inject malicious scripts that execute in a victim's browser when the stored value is viewed due to improper output encoding.

Affected products

Anhui Seeker Electronic Technology Co., LTD./XikeStor SKS8310-8Xv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

openwrt.org/toh/xikestor/sks8310-8xmitreproduct
www.aliexpress.com/i/3256808697772710.htmlmitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000