Security Advisory

CVE-2026-22323

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-18 07:35:09
Last updated 2026-03-18 15:06:10
Assigner CERTVDE
State PUBLISHED

Description

A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sending unauthorized POST requests to the device by luring them to a malicious webpage. This can silently alter the device’s configuration without the victim’s knowledge or consent. Availability impact was set to low because after a successful attack the device will automatically recover without external intervention.