201 matches found
CVE-2022-37885
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba Networks AP management protocol UDP port 8211. Successful exploitation of these vulnerabilities result...
CVE-2022-37892
A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a...
CVE-2022-37892
CVE-2022-37892 concerns Aruba’s InstantOS/ArubaOS web management interface. The vulnerability is a stored cross-site scripting (XSS) flaw that could let an unauthenticated remote attacker execute arbitrary script code in a victim’s browser within the affected interface. Affected versions include ...
PT-2022-6047 · Aruba · Aruba Instant +1
Name of the Vulnerable Software and Affected Versions: Aruba InstantOS versions 6.4.4.8 through 6.4.4.20 and below Aruba InstantOS versions 6.5.4.23 and below Aruba InstantOS versions 8.6.0.18 and below Aruba InstantOS versions 8.7.1.9 and below Aruba InstantOS versions 8.10.0.1 and below ArubaOS...
PT-2022-5390 · Aruba Networks · Aruba Instant +1
Name of the Vulnerable Software and Affected Versions: Aruba InstantOS versions 6.4.4.8 through 6.4.4.20 and below Aruba InstantOS versions 6.5.4.23 and below Aruba InstantOS versions 8.6.0.18 and below Aruba InstantOS versions 8.7.1.9 and below Aruba InstantOS versions 8.10.0.1 and below ArubaOS...
CVE-2022-37891
CVE-2022-37891 is an unauthenticated buffer overflow vulnerability in Aruba InstantOS/ArubaOS web management interfaces. Successful exploitation allows execution of arbitrary commands on the underlying Aruba InstantOS/OS, with affected ranges including InstantOS 6.4.x (6.4.4.8-4.2.4.20 and below)...
CVE-2022-37895
An unauthenticated Denial of Service DoS vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected AP of Aruba InstantOS 6.4.x:...
CVE-2022-37889
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba Networks AP management protocol UDP port 8211. Successful exploitation of these vulnerabilities result...
CVE-2022-37895
CVE-2022-37895 describes an unauthenticated DoS in Aruba InstantOS/ArubaOS caused by improper handling of certain SSID strings. A successful exploit can interrupt normal operation of affected APs across multiple releases (InstantOS 6.4.x, 6.5.x, 8.6.x, 8.7.x, 8.10.x and ArubaOS 10.3.x) with speci...
CVE-2022-37892
A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a...
CVE-2022-37885
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba Networks AP management protocol UDP port 8211. Successful exploitation of these vulnerabilities result...
CVE-2022-37894
CVE-2022-37894 is an unauthenticated DoS in Aruba InstantOS/ArubaOS caused by how certain SSID strings are handled. The issue can interrupt normal operation of affected APs remotely (AV Adjacent, UI None, Affected Availability). Vulnerable versions include Aruba InstantOS 6.4.x (6.4.4.8–4.2.4.20 ...
CVE-2022-37889
Summary of CVE-2022-37889 (Aruba InstantOS / ArubaOS) There are buffer overflow vulnerabilities in multiple underlying services that could enable unauthenticated remote code execution by sending specially crafted packets to the PAPI UDP port 8211. Successful exploitation could allow arbitrary cod...
PT-2022-6050 · Aruba · Aruba Instant +1
Name of the Vulnerable Software and Affected Versions: Aruba InstantOS versions 6.4.4.8 through 6.4.4.20 and below Aruba InstantOS versions 6.5.4.23 and below Aruba InstantOS versions 8.6.0.18 and below Aruba InstantOS versions 8.7.1.9 and below Aruba InstantOS versions 8.10.0.1 and below ArubaOS...
PT-2022-5545 · Aruba Networks · Aruba Instant +1
Name of the Vulnerable Software and Affected Versions: Aruba InstantOS versions 6.4.4.8 through 6.4.4.20 and below Aruba InstantOS versions 6.5.4.23 and below Aruba InstantOS versions 8.6.0.18 and below Aruba InstantOS versions 8.7.1.9 and below Aruba InstantOS versions 8.10.0.1 and below ArubaOS...
CVE-2022-37887
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba Networks AP management protocol UDP port 8211. Successful exploitation of these vulnerabilities result...
PT-2022-24129 · Aruba · Aruba Instant +1
Name of the Vulnerable Software and Affected Versions: Aruba InstantOS versions 6.4.4.8 through 4.2.4.20 and below Aruba InstantOS versions 6.5.4.23 and below Aruba InstantOS versions 8.6.0.18 and below Aruba InstantOS versions 8.7.1.9 and below Aruba InstantOS versions 8.10.0.1 and below ArubaOS...
CVE-2022-37896
CVE-2022-37896 describes a reflected XSS vulnerability in Aruba InstantOS/ArubaOS 10 web management interfaces. A remote attacker could exploit input handling in the affected web UI to trigger script execution in a victim’s browser within the Aruba InstantOS/ArubaOS context. Affected versions inc...
CVE-2022-37887
CVE-2022-37887 affects Aruba InstantOS/ArubaOS via buffer overflow vulnerabilities in multiple underlying services that can allow unauthenticated remote code execution by sending specially crafted packets to the PAPI UDP port 8211. Affected versions include InstantOS 6.4.x (6.4.4.8-4.2.4.20 and b...
CVE-2022-37885
CVE-2022-37885 (and related variants CVE-2022-37886/37887/37888/37889/37890/37891/37892) refer to buffer overflow vulnerabilities affecting Aruba InstantOS/ArubaOS devices. The issues occur in multiple underlying services that process packets to the PAPI UDP port 8211, enabling unauthenticated re...