Skip to main content

Instant

28 CVEs product

Monthly

CVE-2022-37896 MEDIUM This Month

A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba XSS Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-37895 MEDIUM This Month

An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Denial Of Service Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2022-37894 MEDIUM This Month

An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Denial Of Service Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-37893 HIGH This Week

An authenticated command injection vulnerability exists in the Aruba InstantOS and ArubaOS 10 command line interface. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Command Injection Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-37892 MEDIUM This Month

A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba XSS Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-37891 CRITICAL Act Now

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Buffer Overflow Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37890 CRITICAL Act Now

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Buffer Overflow Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37889 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-37887 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-37886 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-37885 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-37888 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2021-25162 HIGH POC PATCH THREAT This Week

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Command Injection Aruba Instant Scalance W1750D Firmware
NVD Exploit-DB
CVSS 3.1
8.1
EPSS
27.0%
CVE-2021-25161 MEDIUM POC PATCH THREAT This Month

A remote cross-site scripting (xss) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x:. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Aruba Instant Scalance W1750D Firmware
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
16.4%
CVE-2021-25160 MEDIUM POC PATCH This Month

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Aruba Instant Scalance W1750D Firmware
NVD Exploit-DB
CVSS 3.1
4.9
EPSS
7.1%
CVE-2021-25159 MEDIUM POC PATCH THREAT This Month

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Aruba Instant Scalance W1750D Firmware
NVD Exploit-DB
CVSS 3.1
6.5
EPSS
13.5%
CVE-2021-25158 MEDIUM POC PATCH THREAT This Month

A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Race Condition Aruba Instant Scalance W1750D Firmware
NVD Exploit-DB
CVSS 3.1
5.9
EPSS
30.6%
CVE-2021-25157 MEDIUM POC PATCH THREAT This Month

A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x:. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Aruba Instant Scalance W1750D Firmware
NVD Exploit-DB
CVSS 3.1
4.9
EPSS
10.3%
CVE-2021-25156 MEDIUM POC PATCH THREAT This Month

A remote arbitrary directory create vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x:. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Aruba Instant Scalance W1750D Firmware
NVD Exploit-DB
CVSS 3.1
4.9
EPSS
40.5%
CVE-2021-25155 MEDIUM POC PATCH THREAT This Month

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Aruba Instant Scalance W1750D Firmware
NVD Exploit-DB
CVSS 3.1
6.5
EPSS
13.3%
CVE-2021-25150 HIGH PATCH This Week

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x:. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Aruba Instant Scalance W1750D Firmware
NVD
CVSS 3.1
8.8
EPSS
2.8%
CVE-2021-25146 HIGH PATCH This Week

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x:. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Aruba Instant Scalance W1750D Firmware
NVD
CVSS 3.1
7.2
EPSS
2.7%
CVE-2021-25149 CRITICAL PATCH Act Now

A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Aruba Instant Scalance W1750D Firmware
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2021-25148 HIGH PATCH This Week

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x:. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Aruba Instant Scalance W1750D Firmware
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2021-25145 MEDIUM PATCH This Month

A remote unauthorized disclosure of information vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Aruba Instant Scalance W1750D Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2021-25144 HIGH PATCH This Week

A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Aruba Instant Scalance W1750D Firmware
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2021-25143 HIGH PATCH This Week

A remote denial of service (dos) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Aruba Instant Scalance W1750D Firmware
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2017-13099 HIGH POC PATCH THREAT Act Now

wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 78.7%.

Microsoft Information Disclosure Oracle Wolfssl Scalance W1750D Firmware +1
NVD GitHub
CVSS 3.0
7.5
EPSS
78.7%
Threat
5.4
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba XSS Arubaos +2
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Denial Of Service Arubaos +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Denial Of Service Arubaos +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An authenticated command injection vulnerability exists in the Aruba InstantOS and ArubaOS 10 command line interface. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Command Injection Arubaos +2
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba XSS Arubaos +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Buffer Overflow Arubaos +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Buffer Overflow Arubaos +2
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow +3
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow +3
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow +3
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow +3
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow +3
NVD
EPSS 27% CVSS 8.1
HIGH POC PATCH THREAT This Week

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Command Injection Aruba Instant +1
NVD Exploit-DB
EPSS 16% CVSS 6.1
MEDIUM POC PATCH THREAT This Month

A remote cross-site scripting (xss) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x:. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Aruba Instant +1
NVD Exploit-DB
EPSS 7% CVSS 4.9
MEDIUM POC PATCH This Month

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Aruba Instant +1
NVD Exploit-DB
EPSS 13% CVSS 6.5
MEDIUM POC PATCH THREAT This Month

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Aruba Instant +1
NVD Exploit-DB
EPSS 31% CVSS 5.9
MEDIUM POC PATCH THREAT This Month

A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Information Disclosure Race Condition Aruba +2
NVD Exploit-DB
EPSS 10% CVSS 4.9
MEDIUM POC PATCH THREAT This Month

A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x:. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Aruba Instant +1
NVD Exploit-DB
EPSS 41% CVSS 4.9
MEDIUM POC PATCH THREAT This Month

A remote arbitrary directory create vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x:. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Aruba Instant +1
NVD Exploit-DB
EPSS 13% CVSS 6.5
MEDIUM POC PATCH THREAT This Month

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Aruba Instant +1
NVD Exploit-DB
EPSS 3% CVSS 8.8
HIGH PATCH This Week

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x:. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Aruba Instant +1
NVD
EPSS 3% CVSS 7.2
HIGH PATCH This Week

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x:. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Aruba Instant +1
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Aruba Instant +1
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x:. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Aruba Instant +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

A remote unauthorized disclosure of information vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Aruba Instant +1
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Aruba Instant +1
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A remote denial of service (dos) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Aruba Instant +1
NVD
EPSS 79% 5.4 CVSS 7.5
HIGH POC PATCH THREAT Act Now

wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 78.7%.

Microsoft Information Disclosure Oracle +3
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy