Unauthorized Access Flaw in Extreme Networks' ExtremeGuest Essentials
CVE-2025-8679

7.6HIGH

Key Information:

Vendor: Extreme Networks
Status: Extremeguest Essentials
Vendor: CVE Published:; 1 October 2025

🔔 Create Extreme Networks Vulnerability Alert

What is CVE-2025-8679?

A vulnerability exists in Extreme Networks' ExtremeGuest Essentials versions prior to 25.5.0, where the captive portal may allow unauthorized access. This occurs during specific configurations of the captive portal SSID, where repeated manual login attempts can lead an unauthenticated device to be falsely recognized as authenticated, thereby gaining access to the network. Notably, Client360 logs may display the MAC address of the client as the username, despite the absence of MAC-authentication practices. This significant flaw highlights the importance of securing guest network access to prevent unauthorized entry.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ExtremeGuest Essentials 25.4.0

References

https://extreme-networks.my.site.com/ExtrArticleDetail?an...

CVSS V4

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Aug 6, 2025

JSON

Extreme Networks

What is CVE-2025-8679?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V4

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.