Extremexos

extremexos

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-18305 1Extremenetworks 1Extremexos Jun 11, 2025 May 14, 2024 N/A· v4 8.0 HIGH· v3 N/A· v2 Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web GUI which fails to restrict URL access, allowing attackers to access sensitive information or escalate privileges.
CVE-2024-27453 1Extremenetworks 1Extremexos Jun 10, 2025 May 3, 2024 N/A· v4 8.6 HIGH· v3 N/A· v2 In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI).
CVE-2017-14332 1Extremenetworks 1Extremexos May 13, 2026 Oct 23, 2017 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values.
CVE-2017-14331 1Extremenetworks 1Extremexos May 13, 2026 Oct 23, 2017 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell.
CVE-2017-14330 1Extremenetworks 1Extremexos May 13, 2026 Oct 23, 2017 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process.
CVE-2017-14329 1Extremenetworks 1Extremexos May 13, 2026 Oct 23, 2017 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell.
CVE-2017-14328 1Extremenetworks 1Extremexos May 13, 2026 Oct 23, 2017 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot.
CVE-2017-14327 1Extremenetworks 1Extremexos May 13, 2026 Oct 23, 2017 N/A· v4 4.4 MEDIUM· v3 4.9 MEDIUM· v2 Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files.