CVE-2018-7081
 
Public Exploits: 1
Exploited in Wild: -
Descriptions
A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS. An attacker with the ability to transmit specially crafted IP traffic to a mobility controller could exploit this vulnerability to cause a process crash or to execute arbitrary code within the underlying operating system with full system privileges. Such an attack could lead to complete system compromise. The ability to transmit traffic to an IP interface on the mobility controller is required to carry out an attack. The attack leverages the PAPI protocol (UDP port 8211). If the mobility controller is only bridging L2 traffic to an uplink and does not have an IP address that is accessible to the attacker, it cannot be attacked.
Timeline
- 2018-02-15 CVE Reserved
- 2019-09-13 CVE Published
- 2023-08-20 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
References (2)
URL | Date |
---|---|
https://x-c3ll.github.io/posts/CVE-2018-7081-RCE-ArubaOS | 2024-08-05 |
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-004.txt | 2019-09-16 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Arubanetworks | Arubaos | < 6.4.4.21 | - | Affected |
Arubanetworks | Arubaos | >= 6.5.0.0 < 6.5.4.13 | - | Affected |
Arubanetworks | Arubaos | >= 8.0.0.0 < 8.2.2.6 | - | Affected |
Arubanetworks | Arubaos | >= 8.3.0.0 < 8.3.0.7 | - | Affected |
Arubanetworks | Arubaos | >= 8.4.0.0 < 8.4.0.3 | - | Affected |
Arubanetworks | Arubaos | >= 8.4.0.4 < 8.5.0.0 | - | Affected |