CVE-2026-25072
Received Received - Intake

Predictable Session ID Vulnerability in XikeStor SKS8310-8X Switch

Vulnerability report for CVE-2026-25072, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-03-07

Last updated on: 2026-03-12

Assigner: VulnCheck

Description

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a predictable session identifier vulnerability in the /goform/SetLogin endpoint that allows remote attackers to hijack authenticated sessions. Attackers can predict session identifiers using insufficiently random cookie values and exploit exposed session parameters in URLs to gain unauthorized access to authenticated user sessions.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-03-07
Last Modified
2026-03-12
Generated
2026-07-06
AI Q&A
2026-03-07
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
seekswan zikestor_sks8310-8x_firmware to 1.04.b07 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-330 The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Impact Analysis

This vulnerability allows remote attackers to hijack authenticated sessions by predicting session identifiers. As a result, attackers can gain unauthorized access to user accounts and potentially control or manipulate the network switch without proper authorization.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Executive Summary

The vulnerability exists in XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and earlier. It involves a predictable session identifier in the /goform/SetLogin endpoint. Because the session identifiers are generated with insufficient randomness and session parameters are exposed in URLs, remote attackers can predict these identifiers and hijack authenticated user sessions.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-25072. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart