The vulnerability of the command-line interface of the Aruba EdgeConnect Enterprise network management platform allows a attacker to execute arbitrary code and bring the system into a fully compromised state.

The vulnerability of the command-line interface of the Aruba EdgeConnect Enterprise network management platform exists due to the lack of measures taken to neutralize special elements used in the operating system command line. Exploiting this vulnerability allows a remote attacker to execute...

Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation (CVE-2015-4237)

The CLI parser in Cisco NX-OS 4.12E11, 6.211b, 6.212, 7.20ZZ99.1, 7.20ZZ99.3, and 9.11SV13.1.8 on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and...

CVE-2021-43072

A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version...

CVE-2023-20210

A vulnerability in Cisco BroadWorks could allow an authenticated, local attacker to elevate privileges to the root user on an affected device. The vulnerability is due to insufficient input validation by the operating system CLI. An attacker could exploit this vulnerability by issuing a crafted...

PT-2023-7254 · Zyxel · Zyxel Usg Flex Series +4

Name of the Vulnerable Software and Affected Versions: Zyxel ATP series versions 4.32 through 5.37 Zyxel USG FLEX series versions 4.50 through 5.37 Zyxel USG FLEX 50W series versions 4.16 through 5.37 Zyxel USG20W-VPN series versions 4.16 through 5.37 Zyxel VPN series versions 4.30 through 5.37...

The vulnerability of the command-line interface of ArubaOS systems allows a hacker to execute arbitrary commands.

The vulnerability of the command-line interface of ArubaOS exists because measures to neutralize the special elements used in the operating system’s command are not taken. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVE-2023-35975

An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system...

CVE-2023-35977

Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level...

CVE-2023-35976

Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level...

CVE-2023-35977

Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level...

CVE-2023-35976 Authenticated Sensitive Information Disclosure in ArubaOS Command Line Interface

Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level...

CVE-2023-35976

CVE-2023-35976 describes an authenticated sensitive information disclosure in ArubaOS by exploiting the command-line interface. Across provided documents, the vulnerability allows an authenticated attacker to access data beyond the user’s existing privilege level. The ArubaOS PSA and Nessus plugi...

CVE-2023-35975

CVE-2023-35975 describes an authenticated path traversal in ArubaOS CLI that allows deletion of arbitrary files in the underlying OS. Affected products are ArubaOS versions prior to fixed releases; Nessus ARUBA-PSA-2023-008 lists ArubaOS <8.6.0.21, <8.10.0.7, <8.11.1.1, and

CVE-2023-35974 Authenticated Remote Command Execution in the ArubaOS Command Line Interface

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system...

Aruba Networks ArubaOS 信息泄露漏洞

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, Inc. An information disclosure vulnerability exists in Aruba Networks ArubaOS, which arises from a command line interface that allow...

Aruba Networks ArubaOS 命令注入漏洞

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, Inc. Aruba Networks ArubaOS suffers from a command injection vulnerability that originates from an authenticated command injection i...

Aruba Networks ArubaOS 跨站脚本漏洞

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS that originates from a command line interface that allows an...

Aruba Networks ArubaOS 命令注入漏洞

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, Inc. Aruba Networks ArubaOS suffers from a command injection vulnerability that originates from an authenticated command injection i...

Aruba Networks ArubaOS 信息泄露漏洞

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches, from Aruba Networks, Inc. An information disclosure vulnerability exists in Aruba Networks ArubaOS, which arises from a command line interface that allow...

PT-2023-3997 · Cisco · Cisco Broadworks

Name of the Vulnerable Software and Affected Versions: Cisco BroadWorks affected versions not specified Description: The issue exists due to insufficient input validation by the operating system CLI, allowing an attacker to elevate privileges to the root user on an affected device. An attacker...