Command injection

2023-03-0108:15:00

PRIOn knowledge base

www.prio-n.com

command injection

remote code execution

papi protocol

udp port 8211

privileged user

9.9 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.9%

JSON

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.

CPENameOperatorVersion
arubaosge8.6.0.0
arubaosle8.6.0.19
arubaosge8.10.0.0
arubaosle8.10.0.4
arubaosge10.3.0.0
arubaosle10.3.1.0
sd-waneq>= 8.7.0.02.3.0.0 AND <= 8.7.0.02.3.0.8