Описание
Arbitrary File Write vulnerabilities exist in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated attacker to upload arbitrary files and execute arbitrary commands on the underlying host operating system.
Уязвимые конфигурации
Конфигурация 1Версия от 8.10.0.0 (включая) до 8.10.0.16 (исключая)Версия от 8.12.0.0 (включая) до 8.12.0.4 (исключая)Версия от 10.4.0.0 (включая) до 10.4.1.7 (исключая)Версия от 10.7.0.0 (включая) до 10.7.1.1 (исключая)
Одно из
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00438
Низкий
7.2 High
CVSS3
Дефекты
CWE-434
Связанные уязвимости
CVSS3: 7.2
github
10 месяцев назад
Arbitrary File Write vulnerabilities exist in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated attacker to upload arbitrary files and execute arbitrary commands on the underlying host operating system.
EPSS
Процентиль: 63%
0.00438
Низкий
7.2 High
CVSS3
Дефекты
CWE-434