High severity7.2NVD Advisory· Published Aug 22, 2023· Updated Jun 17, 2026
CVE-2023-37428
CVE-2023-37428
Description
A vulnerability in the EdgeConnect SD-WAN Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.
Affected products
2- Hewlett Packard Enterprise (HPE)/EdgeConnect SD-WAN Orchestratorv5Range: Orchestrator 9.3.x
Patches
Vulnerability mechanics
References
1- www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txtnvdVendor Advisory
News mentions
0No linked articles in our index yet.