A vulnerability exists in the file creation process on the command line interface of HPE Aruba Networking AOS-8 Instant and AOS-10 AP access points. This vulnerability allows authenticated remote attackers to execute arbitrary operating system commands on the underlying system, potentially leading to a complete system compromise.
Exploitation of this vulnerability allows for unauthorized remote code execution on the affected access points, with the executed commands running on the underlying operating system. This could result in a full compromise of the system.
Users are advised to upgrade to AOS-10 AP 10.7.0.2 and above, AOS-10 AP 10.4.1.6 and above, AOS-8 Instant 8.12.0.4 and above, or AOS-8 Instant 8.10.0.16 and above. For assistance, contact HPE Services - HPE Aruba Networking.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
