CVE-2023-22747

Name of the Vulnerable Software and Affected Versions ArubaOS (affected versions not specified)

Description The issue is related to the implementation of the PAPI network protocol in ArubaOS, which lacks proper data sanitization at the management level. This can be exploited by a remote attacker to execute arbitrary code. The vulnerability involves command injection flaws that can be triggered by sending specially crafted packets to the PAPI UDP port (8211), potentially allowing unauthenticated remote code execution as a privileged user on the underlying operating system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.