8 matches found
EUVD-2026-10095
XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a stored cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary script content through the System Name field. Attackers can inject malicious scripts that execute in a victim's brows...
CVE-2026-25073
Summary: CVE-2026-25073 affects XikeStor SKS8310-8X Network Switch firmware prior to 1.04.B07. A stored cross-site scripting vulnerability exists in the System Name field due to improper output encoding, allowing authenticated attackers to inject and execute scripts in a victim’s browser when the...
CVE-2026-25071 XikeStor SKS8310-8X switch_config.src Missing Authentication
XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...
PT-2024-31585 · Planex · Planex Mzk-Dp300N
Name of the Vulnerable Software and Affected Versions: PLANEX MZK-DP300N firmware versions 1.04 and earlier Description: The issue is related to a cross-site request forgery vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the us...
D-Link DIR-300 Cross Site Request Forgery
document.exploit.submit;...
D-Link DIR-300 - Cross-Site Request Forgery (Change Admin Account Settings)
D-Link DIR-300 - Cross-Site Request Forgery Change Admin Account Settings document.exploit.submit;...
D-Link DIR-300 - Cross-Site Request Forgery (Change Admin Account Settings)
document.exploit.submit;...
JVN#55023557 Buffalo router configuration management interface vulnerable to remote access and password leakage
Impact Configurations could be changed by the remote attacker. As the save configuration stores user's account and password information of ISPs in plain-text format, a remote attacker could steal such information and impersonate a user to gain illegal access. Solution Products Affected BUFFALO...