CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2021-37729
https://notcve.org/view.php?id=CVE-2021-37729
07 Sep 2021 — A remote path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.0-2.2.0.4; Prior to 8.7.1.3, 8.6.0.9, 8.5.0.12, 8.3.0.16, 6.5.4.19, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability. Se ha detectado una vulnerabilidad de salto de ruta remota en Aruba SD-WAN Software and Gateways; Aruba Operating System Software versiones: anteriores a 8.6.0.0-2... • https://cert-portal.siemens.com/productcert/pdf/ssa-280624.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.0EPSS: 3%CPEs: 9EXPL: 0CVE-2021-37721
https://notcve.org/view.php?id=CVE-2021-37721
07 Sep 2021 — A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability. Se ha detectado una vulnerabilidad de ejecución remota de comandos arbitrarios en Aruba SD-WAN Software and Gateways; Aruba Operating System Software ... • https://cert-portal.siemens.com/productcert/pdf/ssa-280624.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 3%CPEs: 7EXPL: 0CVE-2021-37718
https://notcve.org/view.php?id=CVE-2021-37718
07 Sep 2021 — A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.6; Prior to 8.7.1.4, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability. Se ha detectado una vulnerabilidad de ejecución remota de comandos arbitrarios en Aruba SD-WAN Software and Gateways; Aruba Operating System Software versiones: anteriore... • https://cert-portal.siemens.com/productcert/pdf/ssa-280624.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 3%CPEs: 9EXPL: 0CVE-2021-37722
https://notcve.org/view.php?id=CVE-2021-37722
07 Sep 2021 — A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability. Se ha detectado una vulnerabilidad de ejecución remota de comandos arbitrarios en Aruba SD-WAN Software and Gateways; Aruba Operating System Software ... • https://cert-portal.siemens.com/productcert/pdf/ssa-280624.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 3%CPEs: 9EXPL: 0CVE-2021-37720
https://notcve.org/view.php?id=CVE-2021-37720
07 Sep 2021 — A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability. Se ha detectado una vulnerabilidad de ejecución remota de comandos arbitrarios en Aruba SD-WAN Software and Gateways; Aruba Operating System Software ... • https://cert-portal.siemens.com/productcert/pdf/ssa-280624.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 3%CPEs: 7EXPL: 0CVE-2021-37719
https://notcve.org/view.php?id=CVE-2021-37719
07 Sep 2021 — A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability. Se ha detectado una vulnerabilidad de ejecución remota de comandos arbitrarios en Aruba SD-WAN Software and Gateways; Aruba Operating System Software ... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-016.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 3%CPEs: 7EXPL: 0CVE-2021-37717
https://notcve.org/view.php?id=CVE-2021-37717
07 Sep 2021 — A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.6; Prior to 8.7.1.4, 8.6.0.7, 8.5.0.12, 8.3.0.16. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability. Se ha detectado una vulnerabilidad de ejecución remota de comandos arbitrarios en Aruba SD-WAN Software and Gateways; Aruba Operating System Software versiones: anteriore... • https://cert-portal.siemens.com/productcert/pdf/ssa-280624.pdf • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2021-37716
https://notcve.org/view.php?id=CVE-2021-37716
07 Sep 2021 — A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability. Se ha detectado una vulnerabilidad de desbordamiento de búfer remoto en Aruba SD-WAN Software and Gateways; Aruba Operating System Software versiones: anteriores a 8.6.0.4-2.2.0.4; a... • https://cert-portal.siemens.com/productcert/pdf/ssa-280624.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 0%CPEs: 18EXPL: 0CVE-2020-24637
https://notcve.org/view.php?id=CVE-2020-24637
11 Dec 2020 — Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. Successful exploitation of this vulnerability this could lead to remote compromise of system integrity by allowing an attacker to load an untrusted or modified kernel in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9,... • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04072en_us •
CVSS: 10.0EPSS: 1%CPEs: 22EXPL: 0CVE-2020-24633
https://notcve.org/view.php?id=CVE-2020-24633
11 Dec 2020 — There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13,... • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04072en_us • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •