39 matches found
CVE-2020-24641
In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. This can be used to perform an authentication bypass and ultimately gain administrative...
CVE-2020-24639
There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system...
EUVD-2020-17355
Malware in sbrugna...
EUVD-2020-17354
Malware in sbrugna...
EUVD-2020-17356
Malware in sbrugna...
EUVD-2020-17357
Malware in sbrugna...
CVE-2020-24640
There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system...
CVE-2020-24638
Multiple authenticated remote command executions are possible in Airwave Glass before 1.3.3 via the glassadmin cli. These allow for a user with glassadmin privileges to execute arbitrary code as root on the underlying host operating system...
HPE Aruba Airwave Glass Input Validation Error Vulnerability
HPE Aruba Airwave Glass is a smart glasses device from Hewlett-Packard HPE. An input validation error vulnerability previously existed in HPE Aruba Airwave Glass 1.3.3, which stemmed from insufficient input validation and could be exploited by an attacker to arbitrarily execute commands upstairs ...
CVE-2020-24639
There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system...
CVE-2020-24641
In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. This can be used to perform an authentication bypass and ultimately gain administrative...
CVE-2020-24640
There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system...
CVE-2020-24639
There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system...
CVE-2020-24641
In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. This can be used to perform an authentication bypass and ultimately gain administrative...
CVE-2020-24640
There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system...
CVE-2020-24638
Multiple authenticated remote command executions are possible in Airwave Glass before 1.3.3 via the glassadmin cli. These allow for a user with glassadmin privileges to execute arbitrary code as root on the underlying host operating system...
CVE-2020-24638
Multiple authenticated remote command executions are possible in Airwave Glass before 1.3.3 via the glassadmin cli. These allow for a user with glassadmin privileges to execute arbitrary code as root on the underlying host operating system...
Design/Logic Flaw
Multiple authenticated remote command executions are possible in Airwave Glass before 1.3.3 via the glassadmin cli. These allow for a user with glassadmin privileges to execute arbitrary code as root on the underlying host operating system...
Input validation
There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system...
Deserialization of untrusted data
There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system...