14 matches found
CVE-2023-43118
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
CVE-2023-43121
A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...
CVE-2023-43121
A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...
Cross site request forgery (csrf)
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
CVE-2023-43120
An issue discovered in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7 and before 31.7.1 allows attackers to gain escalated privileges via crafted HTTP request...
Extreme Networks Switch Engine Security Vulnerability
Extreme Networks Switch Engine EXOS is a switch engine from Extreme Networks. A security vulnerability exists in Extreme Networks Switch Engine versions prior to 32.5.1.5, which stems from an Access Control Error vulnerability. An attacker could exploit the vulnerability to gain escalation...
CVE-2023-43119
An Access Control issue discovered in Extreme Networks Switch Engine EXOS before 32.5.1.5, also fixed in 22.7, 31.7.2 allows attackers to gain escalated privileges using crafted telnet commands via Redis server...
CVE-2023-43119
An Access Control issue discovered in Extreme Networks Switch Engine EXOS before 32.5.1.5, also fixed in 22.7, 31.7.2 allows attackers to gain escalated privileges using crafted telnet commands via Redis server...
CVE-2023-43118
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
CVE-2023-43121
A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...
CVE-2023-43121
A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...
CVE-2023-43120
An issue discovered in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7 and before 31.7.1 allows attackers to gain escalated privileges via crafted HTTP request...
CVE-2023-43118
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
CVE-2023-43119
CVE-2023-43119 concerns Extreme Networks Switch Engine (EXOS) prior to 32.5.1.5, where an Access Control issue permits attackers to escalate privileges through crafted telnet commands via the Redis server. The vulnerability has been fixed in EXOS versions 22.7, 31.7.2, and 32.5.1.5 or later. Affe...