CVE-2018-5796

Published: Feb 5, 2018Modified: Nov 21, 2024

7.2

Vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Hidden Root Shell by entering the administrator password in conjunction with the 'service start-shell' CLI command.

Affected (2)

Products: Extremewireless: Wing

Extremewireless

1 product

Wing

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Extremewireless Wing	From 5.0 to 5.8.6.9
Extremewireless Wing	From 5.9.0 to 5.9.1.3

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (2)

https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003

Source: cve@mitre.org

MitigationVendor Advisory

https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

Timeline

No history available yet.