CVE-2023-35802

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jul 15, 2023

Updated: Jul 26, 2023

CWE ID 120

Summary

CVE-2023-35802 is a buffer overflow vulnerability affecting IQ Engine versions prior to 10.6r1 on Extreme Networks AP devices. This issue, located in the CAPWAP protocol implementation, can be exploited to gain elevated privileges and potentially execute remote code. Access to the internal management interface or subnet is necessary to carry out the exploit. Successful attacks could result in significant security compromises for affected networks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Extreme Networks

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rr4smE
https://www.cve.org/CVERecord?id=CVE-2023-35802
https://nvd.nist.gov/vuln/detail/CVE-2023-35802

Back to Vulnerability Database

CVE-2023-35802

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations