A stack overflow vulnerability has been identified in the web-based management interface of HPE Aruba Networking AOS-10 Mobility Gateways. This vulnerability allows authenticated malicious actors to execute arbitrary code as privileged users on the underlying operating system. The issue arises from improper input handling that leads to a buffer overflow, enabling the execution of unauthorized commands.
Exploitation of this vulnerability could result in authenticated users executing arbitrary code with elevated privileges on the affected system's operating system.
To address this vulnerability, HPE Aruba Networking recommends upgrading to AOS-10.7.2.2 or above, or AOS-10.4.1.10 or above. For more information, visit the HPE Aruba Networking Support Portal.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
