Aruba Networks ArubaOS 命令注入漏洞

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS that originates from an authenticated command injection vulnerability i...

Aruba Networks ArubaOS 路径遍历漏洞

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS that stems from an authenticated path traversal vulnerability in the...

Aruba Networks ArubaOS 路径遍历漏洞

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS that stems from an authenticated path traversal vulnerability in the...

Aruba Networks ArubaOS 安全漏洞

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS that originates from sensitive information that can be accessed through...

CVE-2023-22776

CVE-2023-22776 describes an authenticated path traversal vulnerability in the ArubaOS command line interface, enabling reading of arbitrary files on the underlying OS (including sensitive system files). The issue is confirmed across ArubaOS deployments used in WLAN Gateway, SD-WAN Gateway, and Ar...

CVE-2023-22776 Authenticated Remote Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Read

An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files...

CVE-2023-22775 Authenticated Sensitive Information Disclosure in ArubaOS Command Line Interface

A vulnerability exists which allows an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level...

CVE-2023-22775

CVE-2023-22775 affects ArubaOS, specifically an authenticated information disclosure via the ArubaOS command line interface. The vulnerability allows an authenticated attacker to access sensitive information beyond their current privilege level, impacting confidentiality (C:H) with no integrity o...

CVE-2023-22774 Authenticated Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Deletion.

Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system...

CVE-2023-22773 Authenticated Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Deletion.

Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system...

CVE-2023-22771 Insufficient Session Expiration in ArubaOS Command Line Interface

An insufficient session expiration vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability allows an attacker to keep a session running on an affected device after the removal of the impacted account...

CVE-2023-22771 Insufficient Session Expiration in ArubaOS Command Line Interface

An insufficient session expiration vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability allows an attacker to keep a session running on an affected device after the removal of the impacted account...

CVE-2023-22770 Authenticated Remote Command Execution in the ArubaOS Command Line Interface

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system...

CVE-2023-22767

CVE-2023-22767 describes authenticated command injection in ArubaOS CLI, allowing an attacker with high privileges (and network access) to execute arbitrary commands as the underlying OS user. Affects ArubaOS (used in Mobility Controllers/Gateways) via the CLI; CVSSv3.1 base score 7.2 (HIGH) with...

CVE-2023-22765 Authenticated Remote Command Execution in the ArubaOS Command Line Interface

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system...

CVE-2023-22764

CVE-2023-22764 describes an authenticated command injection vulnerability in ArubaOS CLI that allows executing arbitrary commands as a privileged user on the underlying system. The issue affects ArubaOS as used in Aruba Mobility Controllers, Gateways, and related components, with exploitation req...

CVE-2023-22762 Authenticated Remote Command Execution in the ArubaOS Command Line Interface

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system...

CVE-2023-22762 Authenticated Remote Command Execution in the ArubaOS Command Line Interface

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system...

PT-2023-2101 · Aruba · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS affected versions not specified Description: The issue is related to an insufficient session expiration in the command line interface of ArubaOS. This allows an attacker to maintain a session on an affected device even after the accou...

markdown-it-py Denial of Service vulnerability in the command line interface

Denial of service could be caused to the command line interface of markdown-it-py, before v2.2.0, if an attacker was allowed to use invalid UTF-8 characters as input...