Vulnerability Notice VN-2020-456: Admin interface exploitation can result in LFI

  • 7 October 2020
  • 0 replies
  • 35 views

Userlevel 5

Extreme Networks is reviewing and evaluating product and software exposure to vulnerabilities reported in CVE-2020-16152 which affects the administrative web interface of IQ Engine/HiveOS product. Successful exploitation can result in a Local File Inclusion (LFI) against a target from an unauthorized user with access to the management network of the target device.

 

Vulnerability Notice Link: https://extremeportal.force.com/ExtrArticleDetail?an=000060020

 

Extreme PSIRT:

security@extremenetworks.com


0 replies

Be the first to reply!

Reply