Unrated severityNVD Advisory· Published Feb 28, 2023· Updated Mar 7, 2025
Authenticated Path Traversal in ArubaOS Web-based Management Interface Allows for Arbitrary File Deletion
CVE-2023-22772
Description
An authenticated path traversal vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system.
Affected products
2- Hewlett Packard Enterprise (HPE)/Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Centralv5Range: ArubaOS 8.6.x.x: 8.6.0.19 and below
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.