XikeStor SKS8310-8X Network Switch Missing Authentication Vulnerability Allowing Unauthenticated Configuration File Downloads

Vulnerability

A missing authentication vulnerability has been identified in the XikeStor SKS8310-8X network switch, affecting firmware versions through 1.04.B07. The vulnerability exists in the '/switch_config.src' endpoint, where unauthenticated remote attackers can download sensitive device configuration files. This includes critical information such as VLAN settings and IP addressing details.

Impact

Exploitation of this vulnerability allows for unauthorized access to sensitive configuration information, which could be used to manipulate network settings or disrupt service.

Added: Mar 7, 2026, 1:18 AM

Updated: Mar 7, 2026, 1:18 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

3.6

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

3.6

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

XikeStor SKS8310-8X Network Switch Missing Authentication Vulnerability Allowing Unauthenticated Configuration File Downloads

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating