Security Advisory

CVE-2025-47184

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-21 00:00:00

Last updated 2025-09-11 17:45:24

Assigner mitre

State PUBLISHED

Description

An XML external entities (XXE) injection vulnerability in the /init API endpoint in Exagid EX10 before 6.4.0 P20, 7.0.1 P12, and 7.2.0 P08 allows an authenticated, unprivileged attacker to achieve information disclosure and privilege escalation via a crafted ISys XML message.

← Browse all CVEs View on cve.org ↗