CVE-2018-5796

HIGH

ExtremeWireless WiNG 5.x < 5.8.6.9 and 5.9.x < 5.9.1.3 - Authenticated Root Shell Access via Service Start-Shell Command

Title source: llm
STIX 2.1

Description

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Hidden Root Shell by entering the administrator password in conjunction with the 'service start-shell' CLI command.

References (1)

Core 1
Core References

Scores

CVSS v3 7.2
EPSS 0.0144
EPSS Percentile 69.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
extremewireless/wing 5.0 - 5.8.6.9
Published Feb 05, 2018
Tracked Since Feb 18, 2026