CVSS: 8.5EPSS: 4%CPEs: 8EXPL: 4CVE-2021-25155 – Aruba Instant (IAP) - Remote Code Execution
https://notcve.org/view.php?id=CVE-2021-25155
30 Mar 2021 — A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.6 and below; Aruba Instant 8.7.x: 8.7.1.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de modificac... • https://packetstorm.news/files/id/163524 •
CVSS: 9.0EPSS: 4%CPEs: 6EXPL: 0CVE-2021-25150
https://notcve.org/view.php?id=CVE-2021-25150
30 Mar 2021 — A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de ejecución remota de comandos arbitrarios en algunos productos Aruba Instant Access Point (IAP)... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 3%CPEs: 7EXPL: 0CVE-2021-25146
https://notcve.org/view.php?id=CVE-2021-25146
30 Mar 2021 — A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de ejecución remota de comandos arbitrarios en algunos pr... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2021-25149
https://notcve.org/view.php?id=CVE-2021-25149
29 Mar 2021 — A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de desbordamiento de búfer remoto en algunos productos Aruba Inst... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-25148
https://notcve.org/view.php?id=CVE-2021-25148
29 Mar 2021 — A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de modificación remota de archivos arbitrarios en algunos productos Aruba Instant Access Point (IAP) ... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-25145
https://notcve.org/view.php?id=CVE-2021-25145
29 Mar 2021 — A remote unauthorized disclosure of information vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad d... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf •
CVSS: 10.0EPSS: 4%CPEs: 7EXPL: 0CVE-2020-24636
https://notcve.org/view.php?id=CVE-2020-24636
29 Mar 2021 — A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de ejecución remota de comandos arbitrarios en algunos pr... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 1%CPEs: 7EXPL: 0CVE-2021-25144
https://notcve.org/view.php?id=CVE-2021-25144
29 Mar 2021 — A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de desbordamiento del búfer remoto en algunos productos Aruba Ins... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.0EPSS: 5%CPEs: 7EXPL: 0CVE-2020-24635
https://notcve.org/view.php?id=CVE-2020-24635
29 Mar 2021 — A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de ejecución remota de comandos arbitrarios en algunos pr... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-25143
https://notcve.org/view.php?id=CVE-2021-25143
29 Mar 2021 — A remote denial of service (dos) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.9 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de denegación de servicio (DOS) remota en algunos productos Aruba Instant Access Point (IAP) en las versiones: Aruba Instant versiones 8.3.x: 8.3.0... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf •