Lucene search
+L

36 matches found

cvelist
cvelist
added 2023/10/04 12:0 a.m.30 views

CVE-2023-35803

IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow...

9.8AI score0.01539EPSS
Exploits1References1
cve
cve
added 2023/10/04 12:0 a.m.72 views

CVE-2023-35803

CVE-2023-35803 affects Extreme Networks IQ Engine on AP devices (pre-10.6r2). The root cause is a buffer overflow in the ah_acsd service, which can be exploited by a remote attacker to achieve arbitrary code execution with root privileges, over the network (no user interaction required per ZDI ad...

9.8CVSS9.4AI score0.01539EPSS
Exploits1References1Affected Software1
cnnvd
cnnvd
added 2023/10/04 12:0 a.m.7 views

Extreme Networks IQ Engine Security Vulnerability

Extreme Networks IQ Engine is an engine from Extreme Networks, Inc. A security vulnerability exists in Extreme Networks IQ Engine versions prior to 10.6r2 that stems from a buffer overflow in Extreme Networks IQ Engine...

9.8CVSS7.2AI score0.01539EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2023/10/04 12:0 a.m.20 views

CVE-2023-35803

IQ Engine before 10.6r2 on Extreme Network AP devices has a Buffer Overflow...

7AI score0.01539EPSS
Exploits1References1
bdu_fstec
bdu_fstec
added 2023/08/03 12:0 a.m.11 views

The vulnerability of the ASD service of the IQ Engine wireless access point operating system allows a hacker to escalate their privileges and execute arbitrary code.

The vulnerability of the ASD service of the IQ Engine HiveOS wireless access point operating system is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a remote attacker to increase their privileges and execute arbitrary code...

10CVSS8.5AI score0.01539EPSS
Exploits1References5Affected Software1
osv
osv
added 2023/07/15 2:15 a.m.4 views

CVE-2023-35802

IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit...

9.8CVSS6AI score0.01085EPSS
Exploits0References1
nvd
nvd
added 2023/07/15 2:15 a.m.18 views

CVE-2023-35802

IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit...

9.8CVSS0.01085EPSS
Exploits0References1
prion
prion
added 2023/07/15 2:15 a.m.27 views

Buffer overflow

IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit...

7.5CVSS9.6AI score0.01085EPSS
Exploits0References1Affected Software1
cve
cve
added 2023/07/15 12:0 a.m.59 views

CVE-2023-35802

CVE-2023-35802 affects Extreme Networks IQ Engine prior to version 10.6r1 on Extreme Network AP devices. It is a Buffer Overflow in the CAPWAP protocol implementation that can allow an attacker with access to the internal management interface/subnet to obtain elevated privileges and perform remot...

9.8CVSS9.7AI score0.01085EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2023/07/15 12:0 a.m.12 views

PT-2023-25324 · Extreme Networks · Iq Engine

Name of the Vulnerable Software and Affected Versions: Extreme Network AP devices IQ Engine versions prior to 10.6r1 Description: The issue is related to a Buffer Overflow in the implementation of the CAPWAP protocol. This may be exploited to obtain elevated privileges and conduct remote code...

9.8CVSS9.6AI score0.01085EPSS
Exploits0References4
cnnvd
cnnvd
added 2023/07/15 12:0 a.m.5 views

Extreme Networks IQ Engine 安全漏洞

Extreme Networks IQ Engine is an engine from Extreme Networks, Inc. A security vulnerability exists in Extreme Networks IQ Engine versions prior to 10.6r1, which stems from a buffer overflow vulnerability in the execution of the CAPWAP protocol. The vulnerability can be exploited by an attacker t...

9.8CVSS9AI score0.01085EPSS
Exploits0References2
githubexploit
githubexploit
added 2023/07/10 7:58 p.m.532 views

Exploit for Classic Buffer Overflow in Extremenetworks Iq_Engine

CVE-2023-35803 - Unauthenticated RCE in Extreme Networks/Aer...

9.8CVSS9.6AI score0.01539EPSS
Exploits1
ptsecurity
ptsecurity
added 2023/03/13 12:0 a.m.4 views

PT-2023-4077 · Extreme Networks · Iq Engine

Name of the Vulnerable Software and Affected Versions: IQ Engine versions prior to 10.6r2 Description: The issue is related to a buffer overflow in the IQ Engine service of Extreme Network AP devices, which can be exploited by a remote attacker to elevate privileges and execute arbitrary code...

9.8CVSS9.7AI score0.01539EPSS
Exploits1References15
prion
prion
added 2021/11/14 9:15 p.m.29 views

Code injection

The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file...

10CVSS9.5AI score0.35047EPSS
Exploits5References2Affected Software1
cve
cve
added 2021/11/14 8:8 p.m.149 views

CVE-2020-16152

The CVE-2020-16152 entry refers to Aerohive/Extreme Networks HiveOS NetConfig, where the NetConfig UI is vulnerable to local file inclusion (LFI) paired with log-poisoning to achieve unauthenticated remote code execution as root. Affected are HiveOS IQ Engine and NetConfig interfaces through 10.0...

10CVSS9.5AI score0.35047EPSS
Exploits5References2Affected Software1
cvelist
cvelist
added 2021/11/14 8:8 p.m.59 views

CVE-2020-16152

The NetConfig UI administrative interface in Extreme Networks ExtremeWireless Aerohive HiveOS and IQ Engine through 10.0r8a allows attackers to execute PHP code as the root user via remote HTTP requests that insert this code into a log file and then traverse to that file...

9.7AI score0.35047EPSS
Exploits5References2
Rows per page
Query Builder