CVE-2023-22761

Name of the Vulnerable Software and Affected Versions ArubaOS (affected versions not specified)

Description The issue exists in the ArubaOS web-based management interface, where authenticated remote command injection is possible. This allows an attacker to execute arbitrary commands as a privileged user on the underlying operating system, potentially leading to full compromise of the operating system on the device running ArubaOS. The vulnerability is due to the lack of neutralization of special elements used in the operating system command.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.