PT-2023-25324 · Extreme Networks · IQ Engine

Victorien Molle · Published 2023-07-15 · Updated 2023-07-26 · CVE-2023-35802

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Extreme Networks AP devices: IQ Engine versions prior to 10.6r1

Description

The issue is a buffer overflow in the implementation of the CAPWAP protocol. It may be exploited to obtain elevated privileges and conduct remote code execution. Access to the internal management interface or subnet is required to exploit it.

Recommendations

For IQ Engine versions prior to 10.6r1, update to version 10.6r1 or later to resolve the issue. As a temporary workaround, consider restricting access to the internal management interface or subnet to minimize the risk of exploitation.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2023-35802

Affected Products

IQ Engine