Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Extremexos
(Extremenetworks)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 8 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-05-14 | CVE-2020-18305 | Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web GUI which fails to restrict URL access, allowing attackers to access sensitive information or escalate privileges. | Extremexos | N/A | ||
| 2024-05-03 | CVE-2024-27453 | In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI). | Extremexos | N/A | ||
| 2017-10-23 | CVE-2017-14328 | Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot. | Extremexos | N/A | ||
| 2017-10-23 | CVE-2017-14332 | Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values. | Extremexos | 8.1 | ||
| 2017-10-23 | CVE-2017-14331 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell. | Extremexos | 6.7 | ||
| 2017-10-23 | CVE-2017-14330 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process. | Extremexos | 6.7 | ||
| 2017-10-23 | CVE-2017-14329 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell. | Extremexos | 6.7 | ||
| 2017-10-23 | CVE-2017-14327 | Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files. | Extremexos | 4.4 |