PT-2023-1568 · Aruba · Arubaos
Published
2023-02-28
·
Updated
2023-03-10
·
CVE-2023-22758
CVSS v2.0
8.3
High
| Vector | AV:N/AC:L/Au:M/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
ArubaOS (affected versions not specified)
Description
The issue exists in the ArubaOS web-based management interface due to the lack of measures to neutralize special elements used in the operating system command. This allows an attacker to execute arbitrary commands as a privileged user on the underlying operating system, potentially fully compromising the device.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Command Injection
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Arubaos