Security Advisory

CVE-2023-53908

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-17 22:44:46

Last updated 2026-04-07 14:07:30

Assigner VulnCheck

State PUBLISHED

Description

HiSecOS 04.0.01 contains a privilege escalation vulnerability that allows authenticated users to modify their access role through XML-based NETCONF configuration. Attackers can send crafted XML payloads to the /mops_data endpoint with a specific role value to elevate their user privileges to administrative level.

← Browse all CVEs View on cve.org ↗