发布于3月6日3月6日 Members Aruba AOS-10: CVE-2023-22754: Unauthenticated Buffer Overflow Vulnerabilities in ArubaOS Processes Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 02/28/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Solution(s) aruba-aos-10-cve-2023-22754 References https://attackerkb.com/topics/cve-2023-22754 CVE - 2023-22754 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-002.json
