Skip to main content

Extremexos

7 CVEs product

Monthly

CVE-2024-27453 HIGH POC This Week

In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Python Extremexos
NVD
CVSS 3.1
8.6
EPSS
0.7%
CVE-2017-14332 HIGH This Week

Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Extremexos
NVD
CVSS 3.0
8.1
EPSS
0.5%
CVE-2017-14331 MEDIUM This Month

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Extremexos
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2017-14330 MEDIUM This Month

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Extremexos
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2017-14329 MEDIUM This Month

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Extremexos
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2017-14328 HIGH This Week

Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Extremexos
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2017-14327 MEDIUM This Month

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Extremexos
NVD
CVSS 3.0
4.4
EPSS
0.1%
EPSS 1% CVSS 8.6
HIGH POC This Week

In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Python Extremexos
NVD
EPSS 0% CVSS 8.1
HIGH This Week

Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Extremexos
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Extremexos
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Extremexos
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Extremexos
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Extremexos
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Extremexos
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy