ArubaOS Command Injection Vulnerabilities: Privileged User Execution
CVE-2024-25613
What is CVE-2024-25613?
ArubaOS, the operating system developed by Aruba Networks, is impacted by authenticated command injection vulnerabilities within its command line interface. These flaws could allow an attacker with valid credentials to inject malicious commands, ultimately enabling the execution of arbitrary code at the privilege level of the underlying operating system. This poses significant security risks, as it may lead to unauthorized access and manipulation of sensitive system resources. Organizations using affected versions of ArubaOS are advised to review their security posture and apply necessary mitigations to protect against potential exploitation of these vulnerabilities.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
ArubaOS Wi-Fi Controllers and Campus/Remote Access Points ArubaOS 10.5.x.x: 10.5.0.1 and below
ArubaOS Wi-Fi Controllers and Campus/Remote Access Points ArubaOS 10.5.x.x: 10.5.0.1 and below
ArubaOS Wi-Fi Controllers and Campus/Remote Access Points ArubaOS 10.4.x.x: 10.4.0.3 and below
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved