Vulnerability Details CVE-2023-35802
IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.3%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-35802
-
cpe:2.3:h:extremenetworks:ap1130:-
-
cpe:2.3:h:extremenetworks:ap122:-
-
cpe:2.3:h:extremenetworks:ap130:-
-
cpe:2.3:h:extremenetworks:ap150w:-
-
cpe:2.3:h:extremenetworks:ap250:-
-
cpe:2.3:h:extremenetworks:ap3000:-
-
cpe:2.3:h:extremenetworks:ap3000x:-
-
cpe:2.3:h:extremenetworks:ap302w:-
-
cpe:2.3:h:extremenetworks:ap305c-1:-
-
cpe:2.3:h:extremenetworks:ap305c:-
-
cpe:2.3:h:extremenetworks:ap305cx:-
-
cpe:2.3:h:extremenetworks:ap30:-
-
cpe:2.3:h:extremenetworks:ap4000-1:-
-
cpe:2.3:h:extremenetworks:ap4000:-
-
cpe:2.3:h:extremenetworks:ap410c-1:-
-
cpe:2.3:h:extremenetworks:ap410c:-
-
cpe:2.3:h:extremenetworks:ap460c:-
-
cpe:2.3:h:extremenetworks:ap460s12c:-
-
cpe:2.3:h:extremenetworks:ap460s6c:-
-
cpe:2.3:h:extremenetworks:ap5010:-
-
cpe:2.3:h:extremenetworks:ap5050d:-
-
cpe:2.3:h:extremenetworks:ap5050u:-
-
cpe:2.3:h:extremenetworks:ap510c:-
-
cpe:2.3:h:extremenetworks:ap510cx:-
-
cpe:2.3:h:extremenetworks:ap550:-
-
cpe:2.3:h:extremenetworks:ap630:-
-
cpe:2.3:h:extremenetworks:ap650:-
-
cpe:2.3:h:extremenetworks:ap650x:-
-
cpe:2.3:o:extremenetworks:iq_engine:-
-
cpe:2.3:o:extremenetworks:iq_engine:10.6r1
-
cpe:2.3:o:extremenetworks:iq_engine:10.6r2