Aruba Networks has released a security advisory to address 33 vulnerabilities that affect different versions of ArubaOS. The vulnerabilities affect various products, including Aruba Mobility Conductor, Aruba Mobility Controllers, and Aruba-managed WLAN Gateways and SD-WAN Gateways. Out of these 33 vulnerabilities, six are rated as critical. CVE-2023-22747, CVE-2023-22748, CVE-2023-22749, and CVE-2023-22750 are critical severity command … Continue reading “ArubaOS Multiple Vulnerabilities (CVE-2023-22747, CVE-2023-22748, CVE-2023-22749, CVE-2023-22750, CVE-2023-22751, and CVE-2023-22752)”
Tag: Command Injection Vulnerability
Cacti Unauthenticated Command Injection Vulnerability (CVE-2022-46169)
Cacti, a web-based device monitoring tool, is vulnerable to a critical command injection vulnerability. Tracked as CVE-2022-46169, this vulnerability requires no authentication for exploitation. On successful exploitation, this could allow an unauthenticated attacker to execute arbitrary code if a specific data source was selected for any monitored device. Cacti is a network monitoring and graphing … Continue reading “Cacti Unauthenticated Command Injection Vulnerability (CVE-2022-46169)”
Atlassian Patches Critical Command Injection Vulnerability in Bitbucket Server and Data Center (CVE-2022-43781)
Atlassian has released a security advisory to address a critical vulnerability in Bitbucket Server and Data Center (CVE-2022-43781). Bitbucket is a Git-based code hosting and collaboration tool built for teams. Bitbucket Server is hosted on-premises while the Bitbucket Data Center is hosted on several servers in a cluster in your environment. CVE-2022-43781 is a command … Continue reading “Atlassian Patches Critical Command Injection Vulnerability in Bitbucket Server and Data Center (CVE-2022-43781)”
