漏洞标题
在 PAPI 协议中多次无认证命令注入
漏洞描述信息
PAPI协议中的多个未身份验证的命令注入
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Multiple Unauthenticated Command Injections in the PAPI Protocol
漏洞描述信息
There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Aruba Networks ArubaOS 命令注入漏洞
漏洞描述信息
Aruba Networks ArubaOS是美国安移通(Aruba Networks)公司的一套面向Aruba Mobility-Defined Networks(包括移动控制器和移动接入交换机)的操作系统。 Aruba Networks ArubaOS 存在安全漏洞,该漏洞源于发现多个命令注入漏洞,通过将特制数据包发送到 PAPI(Aruba Networks access point management protocol)的 UDP 端口 (8211),可能导致未经身份验证的远程代码执行。
CVSS信息
N/A
漏洞类别
命令注入