Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS. An attacker with the ability to transmit specially-crafted IP traffic to a mobility controller could exploit this vulnerability and cause a process crash or to execute arbitrary code within the underlying operating system with full system privileges. Such an attack could lead to complete system compromise. The ability to transmit traffic to an IP interface on the mobility controller is required to carry out an attack. The attack leverages the PAPI protocol (UDP port 8211). If the mobility controller is only bridging L2 traffic to an uplink and does not have an IP address that is accessible to the attacker, it cannot be attacked.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Aruba Networks ArubaOS 输入验证错误漏洞
Vulnerability Description
Aruba Networks ArubaOS是美国安移通网络(Aruba Networks)公司的一套面向Aruba Mobility-Defined Networks(包括移动控制器和移动接入交换机)的操作系统。 Aruba Networks ArubaOS中的网络监听模块存在远程代码执行漏洞。攻击者可通过传递特制的IP流量利用该漏洞造成进程崩溃或以系统权限在底层操作系统上执行任意代码。以下产品及版本受到影响:Aruba Networks ArubaOS 6.4.4.21之前的6.x版本,6.5.4.1
CVSS Information
N/A
Vulnerability Type
N/A