VYPR

Exos

by Extremenetworks

CVEs (8)

  • CVE-2017-14332HigOct 23, 2017
    risk 0.53cvss 8.1epss 0.01

    Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values.

  • CVE-2017-14328HigOct 23, 2017
    risk 0.49cvss 7.5epss 0.01

    Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot.

  • CVE-2017-14331MedOct 23, 2017
    risk 0.44cvss 6.7epss 0.00

    Extreme EXOS 16.x, 21.x, and 22.x allows administrators to bypass the "exsh restricted shell" protection mechanism and obtain an interactive shell.

  • CVE-2017-14330MedOct 23, 2017
    risk 0.44cvss 6.7epss 0.00

    Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving a privileged process.

  • CVE-2017-14329MedOct 23, 2017
    risk 0.44cvss 6.7epss 0.00

    Extreme EXOS 16.x, 21.x, and 22.x allows administrators to obtain a root shell via vectors involving an exsh debug shell.

  • CVE-2017-14327MedOct 23, 2017
    risk 0.29cvss 4.4epss 0.00

    Extreme EXOS 16.x, 21.x, and 22.x allows administrators to read arbitrary files.

  • CVE-2020-18305May 13, 2024
    risk 0.00cvss epss 0.01

    Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web GUI which fails to restrict URL access, allowing attackers to access sensitive information or escalate privileges.

  • CVE-2013-7309Jan 23, 2014
    risk 0.00cvss epss 0.01

    The OSPF implementation in Extreme Networks EXOS does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial of service (routing…