CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2022-37895
https://notcve.org/view.php?id=CVE-2022-37895
07 Oct 2022 — An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected AP of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 ... • https://cert-portal.siemens.com/productcert/pdf/ssa-506569.pdf •
CVSS: 10.0EPSS: 0%CPEs: 60EXPL: 0CVE-2022-37888
https://notcve.org/view.php?id=CVE-2022-37888
06 Oct 2022 — There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS... • https://cert-portal.siemens.com/productcert/pdf/ssa-506569.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2019-5319
https://notcve.org/view.php?id=CVE-2019-5319
30 Mar 2021 — A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de desbordamiento de búfer remoto en algunos productos Aruba Inst... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 3CVE-2021-25161 – Aruba Instant (IAP) - Remote Code Execution
https://notcve.org/view.php?id=CVE-2021-25161
30 Mar 2021 — A remote cross-site scripting (xss) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de tipo cross... • https://packetstorm.news/files/id/163522 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 34%CPEs: 8EXPL: 4CVE-2021-25162 – Aruba Instant (IAP) - Remote Code Execution
https://notcve.org/view.php?id=CVE-2021-25162
30 Mar 2021 — A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de ejecu... • https://packetstorm.news/files/id/163522 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 2CVE-2021-25160 – Aruba Instant (IAP) - Remote Code Execution
https://notcve.org/view.php?id=CVE-2021-25160
30 Mar 2021 — A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de modificac... • https://packetstorm.news/files/id/163522 •
CVSS: 8.5EPSS: 0%CPEs: 8EXPL: 3CVE-2021-25159 – Aruba Instant (IAP) - Remote Code Execution
https://notcve.org/view.php?id=CVE-2021-25159
30 Mar 2021 — A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de modificac... • https://packetstorm.news/files/id/163522 •
CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 3CVE-2021-25157 – Aruba Instant (IAP) - Remote Code Execution
https://notcve.org/view.php?id=CVE-2021-25157
30 Mar 2021 — A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.6 and below; Aruba Instant 8.7.x: 8.7.1.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de lectura remota de... • https://packetstorm.news/files/id/163522 •
CVSS: 5.9EPSS: 3%CPEs: 7EXPL: 3CVE-2021-25158 – Aruba Instant (IAP) - Remote Code Execution
https://notcve.org/view.php?id=CVE-2021-25158
30 Mar 2021 — A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de lectura remota de archivos arbitrarios en algunos productos Aruba ... • https://packetstorm.news/files/id/163522 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.9EPSS: 0%CPEs: 8EXPL: 3CVE-2021-25156 – Aruba Instant (IAP) - Remote Code Execution
https://notcve.org/view.php?id=CVE-2021-25156
30 Mar 2021 — A remote arbitrary directory create vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.6 and below; Aruba Instant 8.7.x: 8.7.1.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de creación d... • https://packetstorm.news/files/id/163522 •