Unrated severityNVD Advisory· Published May 8, 2023· Updated Jan 31, 2025

Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface

CVE-2023-22789

Description

Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

Affected products

Arubanetworks/Aruba InstantOSllm-create
Arubanetworks/ArubaOS-CXllm-fuzzy
Hewlett Packard Enterprise (HPE)/Aruba Access Points running InstantOS and ArubaOS 10v5
Range: Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txtmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000