### [CVE-2018-5789](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5789)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. There is a Remote, Unauthenticated XML Entity Expansion Denial of Service on the WiNG Access Point / Controller via crafted XML entities to the Web User Interface.

### POC

#### Reference
- https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003
- https://gtacknowledge.extremenetworks.com/articles/Vulnerability_Notice/VN-2018-003

#### Github
No PoCs found on GitHub currently.