Extreme Networks · Extreme Networks IQ Engine · CVE-2023-46271
**Name of the Vulnerable Software and Affected Versions**
Extreme Networks IQ Engine versions prior to 10.6r1a
Extreme Networks IQ Engine versions 10.6r1a through 10.6r4 before 10.6r5
Extreme Networks AP410C (affected versions not specified)
**Description**
The issue arises from the `ah webui` service, which listens on TCP port 3009 by default. It is related to deficiencies in the authentication procedure of the `ah webui` service in Extreme Networks AP410C network switch microcode. This allows a remote attacker to bypass existing security restrictions. The vulnerability can be exploited by network-adjacent attackers to reach critical functions on affected installations of Extreme Networks AP410C routers without requiring authentication.
**Recommendations**
For Extreme Networks IQ Engine versions prior to 10.6r1a, update to version 10.6r1a or later.
For Extreme Networks IQ Engine versions 10.6r1a through 10.6r4 before 10.6r5, update to version 10.6r5 or later.
For Extreme Networks AP410C, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the `ah webui` service to minimize the risk of exploitation.
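One way to confirm that the access restriction from the workaround is in effect, as an added example that is not part of the original advisory or any vendor tooling: run it from a network segment that should not reach the service, against the management addresses of your own devices. The function names, the three result labels and the exit-code convention are assumptions made for this sketch; only the port number 3009 comes from the advisory.

```python
#!/usr/bin/env python3
"""Check whether the `ah webui` port is reachable from this network segment."""
import socket
import sys

AH_WEBUI_PORT = 3009  # default listening port named in the advisory


def probe(host, port=AH_WEBUI_PORT, timeout=2.0):
    """Classify one TCP connect attempt as 'reachable', 'refused' or 'filtered'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "reachable"   # handshake completed: the restriction is not in effect
    except ConnectionRefusedError:
        return "refused"         # RST received: nothing listening, or actively rejected
    except OSError:
        return "filtered"        # timeout, unreachable or unresolvable: no connection made


def audit(hosts, port=AH_WEBUI_PORT, timeout=2.0):
    """Probe every host and return {host: state}."""
    return {host: probe(host, port, timeout) for host in hosts}


def exposed(results):
    """Hosts on which the service still accepts connections."""
    return sorted(h for h, state in results.items() if state == "reachable")


if __name__ == "__main__":
    # Usage (hypothetical script name): python3 check_ah_webui.py 192.0.2.10 192.0.2.11
    results = audit(sys.argv[1:])
    for host, state in results.items():
        print(f"{host}:{AH_WEBUI_PORT} {state}")
    sys.exit(1 if exposed(results) else 0)
```

A non-zero exit status means at least one listed device still accepts connections on the port from where the check was run, so the filtering rule for that segment needs another look.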