发布于3月6日3月6日 Members Aruba AOS-10: CVE-2023-22747: Multiple Unauthenticated Command Injections in the PAPI Protocol Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 02/28/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Solution(s) aruba-aos-10-cve-2023-22747 References https://attackerkb.com/topics/cve-2023-22747 CVE - 2023-22747 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-002.json
