N/A

A command injection vulnerability is present in the web management interface of ArubaOS that permits an authenticated user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. This vulnerability only affects ArubaOS 8.x.

N/A

N/A

Aruba Networks ArubaOS 操作系统命令注入漏洞

Aruba Networks ArubaOS是美国安移通网络（Aruba Networks）公司的一套面向Aruba Mobility-Defined Networks（包括移动控制器和移动接入交换机）的操作系统。 Aruba Networks ArubaOS 8.x版本中的web管理界面存在操作系统命令注入漏洞。攻击者可利用该漏洞在系统上执行任意命令，安装后门或更改系统配置。

N/A

N/A