Remote, Unauthenticated XML Entity Expansion Denial of Service in ExtremeWireless WiNG Access Point/Controller
CVE-2018-5789 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:N/A:P
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated XML Entity Expansion Denial of Service on the WiNG Access Point / Controller via crafted XML entities to the Web User Interface.
Learn more about our Web App Pen Testing.