Command injection

2023-03-0108:15:00

PRIOn knowledge base

www.prio-n.com

aruba networks

papi

udp

port 8211

command injection

vulnerability

unauthenticated

remote code execution

9.9 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.9%

JSON

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.

CPENameOperatorVersion
arubaosge8.6.0.0
arubaosle8.6.0.19
arubaosge8.10.0.0
arubaosle8.10.0.4
arubaosge10.3.0.0
arubaosle10.3.1.0
sd-waneq>= 8.7.0.02.3.0.0 AND <= 8.7.0.02.3.0.8