CVE-2023-43118: Extreme Networks EXOS CSRF to RCE

Information

Description: Endpoints of the Chalet web application are vulnerable to CSRF, allowing a cross-domain request to force an authenticated user to perform actions. This includes the /jsonrpc API, which can force an admin user to execute commands on the device (RCE).
Versions Affected: 32.1.1.6
Version Fixed: See the vendor's advisory
Researcher: David Yesland (https://twitter.com/daveysec)
Disclosure Link: https://rhinosecuritylabs.com/research/extreme-networks-extremexos-vulnerabilities
Advisory: https://extreme-networks.my.site.com/ExtrArticleDetail?an=000114379
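The root cause described above is a cookie-authenticated JSON-RPC endpoint that accepts any request carrying the session cookie, regardless of where the request originated. The following is an added example, not code from this repository or from Extreme Networks, showing the request-level check a defender would put in front of such an endpoint: cookie-authenticated requests must come from the device's own origin, must declare a JSON content type, and must carry a custom header that a plain cross-site HTML form cannot set. The hostname in ALLOWED_HOSTS and the sample header sets are constructed for the example.

```python
"""Added example: CSRF gate for a cookie-authenticated JSON-RPC endpoint.

Not taken from the PoC repository or the vendor's code. Header dictionaries
stand in for an incoming HTTP request; keys are matched case-insensitively.
"""
from urllib.parse import urlsplit

# Constructed: the hostnames under which the device's web UI is served.
ALLOWED_HOSTS = {"switch.example.internal"}


def _normalize(headers):
    """Lower-case header names so lookups do not depend on client casing."""
    return {k.lower(): v for k, v in headers.items()}


def origin_host(headers):
    """Hostname from Origin (preferred) or Referer, or None if neither is present."""
    h = _normalize(headers)
    source = h.get("origin") or h.get("referer")
    if not source:
        return None
    return urlsplit(source).hostname


def csrf_check(headers, authenticated_by_cookie=True):
    """Return (allowed, reason) for a JSON-RPC request.

    Only cookie (ambient) authentication is exposed to CSRF; a request that
    proves identity some other way (e.g. an explicit bearer token the browser
    does not attach automatically) is passed through.
    """
    if not authenticated_by_cookie:
        return True, "explicit credential; no ambient cookie to abuse"

    h = _normalize(headers)

    # 1. Same-origin requirement. Browsers always attach Origin to cross-site
    #    POSTs, so a missing header on a cookie-authenticated request is
    #    treated as a failure rather than silently allowed.
    host = origin_host(h)
    if host is None:
        return False, "missing Origin/Referer on cookie-authenticated request"
    if host not in ALLOWED_HOSTS:
        return False, f"cross-origin request from {host}"

    # 2. A JSON body. HTML forms can only send urlencoded, multipart or
    #    text/plain bodies, so enforcing application/json blocks form-based
    #    forgery on its own.
    ctype = h.get("content-type", "").split(";")[0].strip().lower()
    if ctype != "application/json":
        return False, f"unexpected content type {ctype!r}"

    # 3. A custom header. Setting it from another origin requires a CORS
    #    preflight, which the device would not grant.
    if h.get("x-requested-with") != "XMLHttpRequest":
        return False, "missing X-Requested-With header"

    return True, "same-origin JSON-RPC request"


# Constructed sample requests (not captured traffic).
FORGED_FROM_OTHER_SITE = {
    "Origin": "https://attacker.example",
    "Content-Type": "text/plain",
    "Cookie": "session=abc123",
}
LEGITIMATE_UI_CALL = {
    "Origin": "https://switch.example.internal",
    "Content-Type": "application/json",
    "X-Requested-With": "XMLHttpRequest",
    "Cookie": "session=abc123",
}

if __name__ == "__main__":
    for name, req in (("forged", FORGED_FROM_OTHER_SITE), ("legit", LEGITIMATE_UI_CALL)):
        print(name, csrf_check(req))
```

All three rules are deliberately independent: the Origin check alone stops the forged request, and the content-type and custom-header checks each stop it again, so one misconfigured reverse proxy stripping a header does not reopen the endpoint.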

Proof-of-Concept Exploit

Description

Exploits a CSRF vulnerability against an admin user to run commands on the device.

Usage/Exploitation

As an authenticated admin, load the CSRF PoC HTML.