CVE-2020-36907 Extreme Networks Aerohive HiveOS <=11.x 11.x Unauthenticated Remote Denial of Service

Aerohive HiveOS contains a denial of service vulnerability in the NetConfig UI that allows unauthenticated attackers to render the web interface unusable. Attackers can send a crafted HTTP request to the action.php5 script with specific parameters to trigger a 5-minute service disruption...