Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/03/08 1:44 a.m.3 views

CVE-2026-25071

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...

8.7CVSS5.8AI score0.00089EPSS
Exploits0References1
NVD
NVDadded 2026/03/07 1:15 a.m.0 views

CVE-2026-25071

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...

8.7CVSS0.00089EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/03/07 12:20 a.m.23 views

CVE-2026-25071 XikeStor SKS8310-8X switch_config.src Missing Authentication

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...

8.7CVSS0.00089EPSS
Exploits0References2
CVE
CVEadded 2026/03/07 12:20 a.m.7 views

CVE-2026-25071

CVE-2026-25071 affects XikeStor SKS8310-8X network switch firmware version 1.04.B07 and earlier. The vulnerability is a missing authentication on the /switch_config.src endpoint, allowing unauthenticated remote attackers to download device configuration files, potentially exposing sensitive VLAN ...

8.7CVSS5.8AI score0.00089EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2024/10/17 6:15 p.m.1 views

CVE-2024-48637

D-Link DIR882FW130B06 and DIR878 DIR878FW130B08 were discovered to contain a command injection vulnerability via the VLANID:1/VID parameter in the SetVLANSettings function. This vulnerability allows attackers to execute arbitrary OS commands via a crafted POST request...

8CVSS6AI score
Exploits0References2
CVE
CVEadded 2024/10/17 12:0 a.m.43 views

CVE-2024-48635

D-Link DIR-882 (firmware FW130B06) and DIR-878 (firmware FW130B08) expose a command injection in SetVLANSettings. The root cause is a lack of neutralization of special elements in the VLANID:2/VID parameter, allowing an attacker to run arbitrary OS commands via a crafted POST request. Public sour...

8CVSS8.7AI score0.00822EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologiesadded 2024/10/08 12:0 a.m.2 views

PT-2024-7094 · D Link · D-Link Dir-878 +1

Name of the Vulnerable Software and Affected Versions: D-Link DIR-882 versions FW130B06 D-Link DIR-878 version FW130B08 Description: A command injection issue exists in the SetVLANSettings function due to insufficient neutralization of special elements used in an OS command. This allows attackers...

8CVSS7.9AI score0.00822EPSS
Exploits0References8
Positive Technologies
Positive Technologiesadded 2024/09/26 12:0 a.m.1 views

PT-2024-7035 · D Link · D-Link Dir-878 +1

Name of the Vulnerable Software and Affected Versions: D-Link DIR-882 versions FW130B06 D-Link DIR-878 versions FW130B08 Description: A command injection issue exists due to the lack of neutralization of special elements used in the operating system command in the SetVLANSettings function. This...

8CVSS8AI score0.00822EPSS
Exploits0References9
Rows per page
Query Builder