We’re aware of a Remote Code Execution (RCE) vulnerability affecting all Aerohive / Extreme Networks access points running HiveOS/Extreme IQ Engine before version 10.6r2.
Research has indicated that potential cyber attackers can exploit this vulnerability by connecting to one of these access points over the port TCP/5916.
A patch is available for access point models that are currently supported and we recommend upgrading to the latest version.
You can find more information and check devices affected here.