Rhino Security Labs

Strategic & Technical Blog

Multiple Vulnerabilities In Extreme Networks ExtremeXOS

David Yesland
December 5, 2023

During an external network pentest, we came across a switch administration interface running ExtremeNetworks’ Extreme Operating System (EXOS). This is a network operating system designed to manage ExtremeNetworks’ wide range of…

CVE-2022-26113: FortiClient Arbitrary File Write As SYSTEM

in EVGA Precision X1

CVE-2020-5377: Dell OpenManage Server Administrator File Read

David Yesland

This blog explores a file read vulnerability in Dell OpenManage Server Administrator (OMSA) we found during an internal network penetration test, tracked as CVE-2020-5377 and a bypass for the fix tracked as CVE-2021-21514. 
When this Dell…