Extremenetworks Extremexos

8 CVEs affecting Extremenetworks Extremexos. Latest disclosed: 2024-05-14. Critical: 0, High: 4.

Top CVEs affecting Extremenetworks Extremexos
CVESeverityScorePublishedSummary
CVE-2024-27453High8.62024-05-03In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machin…
CVE-2017-14332High8.12017-10-23Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values.
CVE-2020-18305High8.02024-05-14Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web GUI which fails to restrict URL access, allowing attackers…
CVE-2017-14328High7.52017-10-23Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot.
CVE-2017-14331Medium6.72017-10-23Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell.
CVE-2017-14330Medium6.72017-10-23Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process.
CVE-2017-14329Medium6.72017-10-23Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell.
CVE-2017-14327Medium4.42017-10-23Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files.