Shodan
Vulnerabilities
Vulnerable Software
Extremenetworks:  Security Vulnerabilities
CVE-2023-35802
IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit.
CVSS Score
9.8
EPSS Score
0.028
Published
2023-07-15
CVE-2020-16152
The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file.
CVSS Score
9.8
EPSS Score
0.849
Published
2021-11-14
CVE-2020-13819
Extreme EAC Appliance 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request.
CVSS Score
6.1
EPSS Score
0.005
Published
2020-08-05
CVE-2020-16847
Extreme Analytics in Extreme Management Center before 8.5.0.169 allows unauthenticated reflected XSS via a parameter in a GET request, aka CFD-4887.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-08-04
CVE-2020-13820
Extreme Management Center 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request.
CVSS Score
6.1
EPSS Score
0.263
Published
2020-08-03
CVE-2018-5787
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Stack Overflow in the RIM (Radio Interface Module) process running on the WiNG Access Point via crafted packets.
CVSS Score
7.5
EPSS Score
0.015
Published
2018-02-05
CVE-2018-5797
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is an Smint_encrypt Hardcoded AES Key that can be used for packet decryption (obtaining cleartext credentials) by an attacker who has access to a wired port.
CVSS Score
7.5
EPSS Score
0.001
Published
2018-02-05
CVE-2017-14327
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files.
CVSS Score
4.4
EPSS Score
0.001
Published
2017-10-23
CVE-2017-14328
Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot.
CVSS Score
7.5
EPSS Score
0.006
Published
2017-10-23
CVE-2017-14329
Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell.
CVSS Score
6.7
EPSS Score
0.0
Published
2017-10-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved