CVE-2025-8679
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-01

Last updated on: 2025-10-02

Assigner: ExtremeNetworks

Description
In ExtremeGuest Essentials before 25.5.0, captive-portal may permit unauthorized access via manual brute-force procedure. Under certain ExtremeGuest Essentials captive-portal SSID configurations, repeated manual login attempts may allow an unauthenticated device to be marked as authenticated and obtain network access. Client360 logs may display the client MAC as the username despite no MAC-authentication being enabled.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-01
Last Modified
2025-10-02
Generated
2026-06-16
AI Q&A
2025-10-01
EPSS Evaluated
2026-06-15
NVD
CVE-2025-8679
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
extreme_networks extremecloud_iq_essentials *
extreme_networks extremeguest_essentials *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-307 The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in ExtremeGuest Essentials before version 25.5.0, where the captive-portal may allow unauthorized access through a manual brute-force procedure. Specifically, under certain captive-portal SSID configurations, repeated manual login attempts can cause an unauthenticated device to be incorrectly marked as authenticated, granting it network access. Additionally, Client360 logs may show the client MAC address as the username even though MAC-authentication is not enabled.

Impact Analysis

This vulnerability can allow unauthorized devices to gain network access without proper authentication, potentially exposing the network to unauthorized users. This could lead to security breaches, data exposure, or misuse of network resources.

Detection Guidance

This vulnerability can be detected by monitoring Client360 logs for unusual entries where the client MAC address appears as the username despite no MAC-authentication being enabled. This indicates possible unauthorized access via brute-force attempts on the captive-portal. Specific commands are not provided in the available information.

Mitigation Strategies

Immediate mitigation steps are not detailed in the provided information. However, reviewing and adjusting captive-portal SSID configurations to prevent repeated manual login attempts and monitoring Client360 logs for suspicious activity may help reduce risk until a patch or update is applied.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-8679. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart