CVE-2023-22748

Name of the Vulnerable Software and Affected Versions ArubaOS (affected versions not specified)

Description The issue is related to the implementation of the PAPI protocol in ArubaOS, which lacks proper data sanitization at the management level. This can be exploited by sending specially crafted packets to the PAPI UDP port (8211), potentially leading to unauthenticated remote code execution. Successful exploitation allows an attacker to execute arbitrary code as a privileged user on the underlying operating system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.