Erikdejong

**Name of the Vulnerable Software and Affected Versions** Aruba Access Points (affected versions not specified) **Description** Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system. The issue is due to improper neutralization of special elements in commands, potentially creating a risk for enterprise networks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Aruba's Access Point (affected versions not specified) **Description** Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Aruba Access Point versions (affected versions not specified) **Description** Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: ArubaOS (affected versions not specified) Description: A Path Traversal vulnerability exists in the ArubaOS, related to incorrect restriction of directory path names with limited access. Successful exploitation of this vulnerability allows an attacker to install unsigned packages on the underlying operating system, enabling the threat actor to execute arbitrary code. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: ArubaOS (affected versions not specified) Description: The issue is related to the command line interface (CLI) of ArubaOS, where a lack of proper sanitization of special elements in operating system commands can be exploited. This allows a remote attacker to execute arbitrary commands. Successful exploitation results in the ability to run arbitrary commands as a privileged user on the underlying operating system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: ArubaOS (affected versions not specified) Description: An authenticated command injection issue exists in the ArubaOS command line interface, allowing successful exploitation to result in the ability to inject shell commands on the underlying operating system. This could enable a remote attacker to execute arbitrary commands. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.