Command injection

2023-03-0108:15:00

PRIOn knowledge base

www.prio-n.com

arubaos

remote command injection

web-based management

privileged user

os compromise

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

36.8%

JSON

Authenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS.

CPENameOperatorVersion
arubaosge8.6.0.0
arubaosle8.6.0.19
arubaosge8.10.0.0
arubaosle8.10.0.4
arubaosge10.3.0.0
arubaosle10.3.1.0
sd-waneq>= 8.7.0.02.3.0.0 AND <= 8.7.0.02.3.0.8