Filtered by vendor Extremenetworks
Subscribe
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-16152 | 1 Extremenetworks | 1 Aerohive Netconfig | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file. | |||||
| CVE-2020-13820 | 1 Extremenetworks | 1 Extreme Management Center | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Extreme Management Center 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request. | |||||
| CVE-2020-13819 | 1 Extremenetworks | 1 Extreme Management Center | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Extreme EAC Appliance 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request. | |||||
| CVE-2018-5797 | 1 Extremenetworks | 1 Extremewireless Wing | 2024-11-21 | 3.3 LOW | 7.5 HIGH |
| An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is an Smint_encrypt Hardcoded AES Key that can be used for packet decryption (obtaining cleartext credentials) by an attacker who has access to a wired port. | |||||
| CVE-2018-5787 | 1 Extremenetworks | 1 Extremewireless Wing | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated Stack Overflow in the RIM (Radio Interface Module) process running on the WiNG Access Point via crafted packets. | |||||