36 matches found
CVE-2023-35803
IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow...
CVE-2023-35803
CVE-2023-35803 affects Extreme Networks IQ Engine on AP devices (pre-10.6r2). The root cause is a buffer overflow in the ah_acsd service, which can be exploited by a remote attacker to achieve arbitrary code execution with root privileges, over the network (no user interaction required per ZDI ad...
Extreme Networks IQ Engine Security Vulnerability
Extreme Networks IQ Engine is an engine from Extreme Networks, Inc. A security vulnerability exists in Extreme Networks IQ Engine versions prior to 10.6r2 that stems from a buffer overflow in Extreme Networks IQ Engine...
CVE-2023-35803
IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow...
The vulnerability of the ASD service of the IQ Engine wireless access point operating system allows a hacker to escalate their privileges and execute arbitrary code.
The vulnerability of the ASD service of the IQ Engine HiveOS wireless access point operating system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a remote attacker to increase their privileges and execute arbitrary code...
CVE-2023-35802
IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit...
CVE-2023-35802
IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit...
Buffer overflow
IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit...
CVE-2023-35802
CVE-2023-35802 affects Extreme Networks IQ Engine prior to version 10.6r1 on Extreme Network AP devices. It is a Buffer Overflow in the CAPWAP protocol implementation that can allow an attacker with access to the internal management interface/subnet to obtain elevated privileges and perform remot...
PT-2023-25324 · Extreme Networks · Iq Engine
Name of the Vulnerable Software and Affected Versions: Extreme Network AP devices IQ Engine versions prior to 10.6r1 Description: The issue is related to a Buffer Overflow in the implementation of the CAPWAP protocol. This may be exploited to obtain elevated privileges and conduct remote code...
Extreme Networks IQ Engine 安全漏洞
Extreme Networks IQ Engine is an engine from Extreme Networks, Inc. A security vulnerability exists in Extreme Networks IQ Engine versions prior to 10.6r1, which stems from a buffer overflow vulnerability in the execution of the CAPWAP protocol. The vulnerability can be exploited by an attacker t...
Exploit for Classic Buffer Overflow in Extremenetworks Iq_Engine
CVE-2023-35803 - Unauthenticated RCE in Extreme Networks/Aer...
PT-2023-4077 · Extreme Networks · Iq Engine
Name of the Vulnerable Software and Affected Versions: IQ Engine versions prior to 10.6r2 Description: The issue is related to a buffer overflow in the IQ Engine service of Extreme Network AP devices, which can be exploited by a remote attacker to elevate privileges and execute arbitrary code...
Code injection
The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file...
CVE-2020-16152
The CVE-2020-16152 entry refers to Aerohive/Extreme Networks HiveOS NetConfig, where the NetConfig UI is vulnerable to local file inclusion (LFI) paired with log-poisoning to achieve unauthenticated remote code execution as root. Affected are HiveOS IQ Engine and NetConfig interfaces through 10.0...
CVE-2020-16152
The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file...