exploitDog

GHSA-3jmm-qp9w-h326

Опубликовано: 03 мая 2024

Источник: github

Github: Не прошло ревью

CVSS3: 8.6

Описание

In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI).

In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI).

Ссылки

EPSS

Процентиль: 52%

0.00291

Низкий

8.6 High

CVSS3

CVE ID

Дефекты

CWE-266

Связанные уязвимости

CVE-2024-27453

CVSS3: 8.6

nvd

почти 2 года назад

In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI).

EPSS

Процентиль: 52%

0.00291

Низкий

8.6 High

CVSS3

CVE ID

Дефекты

CWE-266