Show filters
16 Total Results
Displaying 1-10 of 16
Sort by:
Attacker Value
Unknown

CVE-2023-43121

Disclosure Date: October 16, 2023 (last updated October 28, 2023)
A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-43119

Disclosure Date: October 16, 2023 (last updated October 28, 2023)
An Access Control issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, also fixed in 22.7, 31.7.2 allows attackers to gain escalated privileges using crafted telnet commands via Redis server.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-43118

Disclosure Date: October 16, 2023 (last updated October 28, 2023)
Cross Site Request Forgery (CSRF) vulnerability in Chalet application in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-43120

Disclosure Date: October 16, 2023 (last updated October 25, 2023)
An issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, before 22.7 and before 31.7.1 allows attackers to gain escalated privileges via crafted HTTP request.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2021-32611

Disclosure Date: May 12, 2021 (last updated February 22, 2025)
A NULL pointer dereference vulnerability exists in eXcall_api.c in Antisip eXosip2 through 5.2.0 when handling certain 3xx redirect responses.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2020-15364

Disclosure Date: June 28, 2020 (last updated February 21, 2025)
The Nexos theme through 1.7 for WordPress allows top-map/?search_location= reflected XSS.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2020-15363

Disclosure Date: June 28, 2020 (last updated February 21, 2025)
The Nexos theme through 1.7 for WordPress allows side-map/?search_order= SQL Injection.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2014-10375

Disclosure Date: August 14, 2019 (last updated November 27, 2024)
handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a negative value in a content-length header.
0
0
Attacker Value
Unknown

CVE-2017-14328

Disclosure Date: October 23, 2017 (last updated November 26, 2024)
Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2017-14332

Disclosure Date: October 23, 2017 (last updated November 26, 2024)
Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values.
0
0
View More Topics  Next >