MidnightBSD

Advisories for extremenetworks

CVE-2005-1670 MEDIUM

Unknown vulnerability in Extreme BlackDiamond 10808 and 8800 switches running ExtremeWare XOS 11.1 before 11.1.3.3, 11.0 before 11.0.2.4, and 10.x allows remote authenticated users to execute arbitrary commands.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
extremenetworks extremeware_xos *
CVE-2013-7309 MEDIUM

The OSPF implementation in Extreme Networks EXOS does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing disruption) or obtain sensitive packet information via a crafted LSA packet, a related issue to CVE-2013-0149.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
extremenetworks exos -
CVE-2017-14327 MEDIUM

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
extremenetworks extremexos 16.1.2
extremenetworks extremexos 21.1.1
extremenetworks extremexos 21.1.2
extremenetworks extremexos 21.1.3
extremenetworks extremexos 16.1.4
extremenetworks extremexos 22.3
extremenetworks extremexos 22.2
extremenetworks extremexos 16.2.2
extremenetworks extremexos 22.1
extremenetworks extremexos 16.2.3
extremenetworks extremexos 21.1.4
extremenetworks extremexos 22.4
extremenetworks extremexos 16.2.4
extremenetworks extremexos 16.1.3
extremenetworks extremexos 16.2
extremenetworks extremexos 21.1
CVE-2017-14328 HIGH

Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
extremenetworks extremexos 16.1.2
extremenetworks extremexos 16.1
extremenetworks extremexos 21.1.1
extremenetworks extremexos 21.1.2
extremenetworks extremexos 16.1.4
extremenetworks extremexos 16.1.5
extremenetworks extremexos 22.3
extremenetworks extremexos 16.2.2
extremenetworks extremexos 22.1
extremenetworks extremexos 22.4.1
extremenetworks extremexos 16.2.4
extremenetworks extremexos 22.6.1
extremenetworks extremexos 22.5
extremenetworks extremexos 21.1.3
extremenetworks extremexos 16.2.5
extremenetworks extremexos 22.3.1
extremenetworks extremexos 22.6
extremenetworks extremexos 22.2
extremenetworks extremexos 21.1.5
extremenetworks extremexos 16.2.3
extremenetworks extremexos 21.1.4
extremenetworks extremexos 22.4
extremenetworks extremexos 15.7
extremenetworks extremexos 16.1.3
extremenetworks extremexos 22.2.1
extremenetworks extremexos 16.2
extremenetworks extremexos 22.5.1
extremenetworks extremexos 21.1
CVE-2017-14329 HIGH

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
extremenetworks extremexos 16.1.2
extremenetworks extremexos 21.1.1
extremenetworks extremexos 21.1.2
extremenetworks extremexos 21.1.3
extremenetworks extremexos 16.1.4
extremenetworks extremexos 22.3
extremenetworks extremexos 22.2
extremenetworks extremexos 16.2.2
extremenetworks extremexos 22.1
extremenetworks extremexos 16.2.3
extremenetworks extremexos 21.1.4
extremenetworks extremexos 22.4
extremenetworks extremexos 15.7
extremenetworks extremexos 16.2.4
extremenetworks extremexos 16.1.3
extremenetworks extremexos 16.2
extremenetworks extremexos 21.1
CVE-2017-14330 HIGH

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
extremenetworks extremexos 16.1.2
extremenetworks extremexos 21.1.1
extremenetworks extremexos 21.1.2
extremenetworks extremexos 21.1.3
extremenetworks extremexos 16.1.4
extremenetworks extremexos 22.3
extremenetworks extremexos 22.2
extremenetworks extremexos 16.2.2
extremenetworks extremexos 22.1
extremenetworks extremexos 16.2.3
extremenetworks extremexos 21.1.4
extremenetworks extremexos 22.4
extremenetworks extremexos 15.7
extremenetworks extremexos 16.2.4
extremenetworks extremexos 16.1.3
extremenetworks extremexos 16.2
extremenetworks extremexos 21.1
CVE-2017-14331 HIGH

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
extremenetworks extremexos 16.1.2
extremenetworks extremexos 21.1.1
extremenetworks extremexos 21.1.2
extremenetworks extremexos 21.1.3
extremenetworks extremexos 16.1.4
extremenetworks extremexos 22.3
extremenetworks extremexos 22.2
extremenetworks extremexos 16.2.2
extremenetworks extremexos 22.1
extremenetworks extremexos 16.2.3
extremenetworks extremexos 21.1.4
extremenetworks extremexos 22.4
extremenetworks extremexos 15.7
extremenetworks extremexos 16.2.4
extremenetworks extremexos 16.1.3
extremenetworks extremexos 16.2
extremenetworks extremexos 21.1
CVE-2017-14332 MEDIUM

Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
extremenetworks extremexos 16.1.2
extremenetworks extremexos 21.1.1
extremenetworks extremexos 21.1.2
extremenetworks extremexos 21.1.3
extremenetworks extremexos 16.1.4
extremenetworks extremexos 22.3
extremenetworks extremexos 22.2
extremenetworks extremexos 16.2.2
extremenetworks extremexos 22.1
extremenetworks extremexos 16.2.3
extremenetworks extremexos 21.1.4
extremenetworks extremexos 22.4
extremenetworks extremexos 15.7
extremenetworks extremexos 16.2.4
extremenetworks extremexos 16.1.3
extremenetworks extremexos 16.2
extremenetworks extremexos 21.1
CVE-2018-5787 MEDIUM

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Stack Overflow in the RIM (Radio Interface Module) process running on the WiNG Access Point via crafted packets.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
extremenetworks extremewireless_wing *
CVE-2018-5797 LOW

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is an Smint_encrypt Hardcoded AES Key that can be used for packet decryption (obtaining cleartext credentials) by an attacker who has access to a wired port.

CVSS 2.0

Severity: LOW

Problem Type: CWE-798,

Products Affected

Vendor Product Version
extremenetworks extremewireless_wing *
CVE-2020-13819 MEDIUM

Extreme EAC Appliance 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
extremenetworks extreme_management_center *
CVE-2020-13820 MEDIUM

Extreme Management Center 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
extremenetworks extreme_management_center 8.4.1.24
CVE-2020-16152 HIGH

The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-829,

Products Affected

Vendor Product Version
extremenetworks aerohive_netconfig 10.0r8a
extremenetworks aerohive_netconfig *
CVE-2020-16847 MEDIUM

Extreme Analytics in Extreme Management Center before 8.5.0.169 allows unauthenticated reflected XSS via a parameter in a GET request, aka CFD-4887.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
extremenetworks extreme_management_center *
CVE-2020-18305

Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web GUI which fails to restrict URL access, allowing attackers to access sensitive information or escalate privileges.

Products Affected

Vendor Product Version
extremenetworks extremexos *
extremenetworks extremexos 30.1
CVE-2023-35802

IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit.

Products Affected

Vendor Product Version
extremenetworks iq_engine *
CVE-2023-35803

IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
extremenetworks iq_engine *
CVE-2023-43118

Cross Site Request Forgery (CSRF) vulnerability in Chalet application in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
extremenetworks exos *
CVE-2023-43119

An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also fixed in 22.7, 31.7.2 allows attackers to gain escalated privileges using crafted telnet commands via Redis server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
extremenetworks exos *
CVE-2023-43120

An issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, before 22.7 and before 31.7.1 allows attackers to gain escalated privileges via crafted HTTP request.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
extremenetworks exos *
CVE-2023-43121

A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

Products Affected

Vendor Product Version
extremenetworks exos *
CVE-2024-27453

In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI).

Products Affected

Vendor Product Version
extremenetworks extremexos *
CVE-2024-38290

In XIQ-SE before 24.2.11, a server misconfiguration may allow user enumeration when specific conditions are met.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

Products Affected

Vendor Product Version
extremenetworks xiq-se *
CVE-2024-38291

In XIQ-SE before 24.2.11, a low-privileged user may be able to access admin passwords, which could lead to privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
extremenetworks xiq-se *
CVE-2024-38292

In Extreme Networks XIQ-SE before 24.2.11, due to a missing access control check, a path traversal is possible, which may lead to privilege escalation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
extremenetworks xiq-se *
CVE-2025-11192

A vulnerability in Extreme Networks’ Fabric Engine (VOSS) before 9.3 was discovered. When SD-WAN AutoSense is enabled on a port, it may automatically configure fabric connectivity without validating ISIS authentication settings. The SD-WAN AutoSense implementation may be exploited by malicious actors by allowing unauthorized access to network fabric and configuration data.

Products Affected

Vendor Product Version
extremenetworks fabric_engine_(voss) *
CVE-2025-6083

In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to bypass the owner_id filter. This issue may allow users to search data across the entire table instead of being restricted to their specific owner_id.

Products Affected

Vendor Product Version
extremenetworks extremecloud_universal_ztna 25.2.0
extremenetworks extremecloud_universal_ztna *
CVE-2025-6235

In ExtremeControl before 25.5.12, a cross-site scripting (XSS) vulnerability was discovered in a login interface of the affected application. The issue stems from improper handling of user-supplied input within HTML attributes, allowing an attacker to inject script code that may execute in a user's browser under specific interaction conditions. Successful exploitation could lead to exposure of user data or unauthorized actions within the browser context.

Products Affected

Vendor Product Version
extremenetworks extremecontrol *
CVE-2025-8679

In ExtremeGuest Essentials before 25.5.0, captive-portal may permit unauthorized access via manual brute-force procedure. Under certain ExtremeGuest Essentials captive-portal SSID configurations, repeated manual login attempts may allow an unauthenticated device to be marked as authenticated and obtain network access. Client360 logs may display the client MAC as the username despite no MAC-authentication being enabled.

Products Affected

Vendor Product Version
extremenetworks extremeguest_essentials *