Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arubanetworks airwave vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-26966
A remote authenticated sql injection vulnerability exists in Aruba AirWave Management Platform version(s): before 8.2.12.0. Multiple vulnerabilities in the API of AirWave could allow an authenticated remote malicious user to conduct SQL injection attacks against the AirWave insta...
Arubanetworks Airwave
8.8
CVSSv3
CVE-2021-26960
A remote unauthenticated cross-site request forgery (csrf) vulnerability exists in Aruba AirWave Management Platform version(s): before 8.2.12.0. A vulnerability in the AirWave web-based management interface could allow an unauthenticated remote malicious user to conduct a CSRF a...
Arubanetworks Airwave
8.8
CVSSv3
CVE-2021-26961
A remote unauthenticated cross-site request forgery (csrf) vulnerability exists in Aruba AirWave Management Platform version(s): before 8.2.12.0. A vulnerability in the AirWave web-based management interface could allow an unauthenticated remote malicious user to conduct a CSRF a...
Arubanetworks Airwave
7.2
CVSSv3
CVE-2021-26962
A remote authenticated arbitrary command execution vulnerability exists in Aruba AirWave Management Platform version(s): before 8.2.12.0. Vulnerabilities in the AirWave CLI could allow remote authenticated users to run arbitrary commands on the underlying host. A successful explo...
Arubanetworks Airwave
7.2
CVSSv3
CVE-2020-24638
Multiple authenticated remote command executions are possible in Airwave Glass prior to 1.3.3 via the glassadmin cli. These allow for a user with glassadmin privileges to execute arbitrary code as root on the underlying host operating system.
Arubanetworks Airwave Glass
9.8
CVSSv3
CVE-2020-24639
There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass prior to 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system.
Arubanetworks Airwave Glass
7.5
CVSSv3
CVE-2020-24641
In Aruba AirWave Glass prior to 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. This can be used to perform an authentication bypass and ultimately ga...
Arubanetworks Airwave Glass
9.8
CVSSv3
CVE-2020-24640
There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass prior to 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system.
Arubanetworks Airwave Glass
9.8
CVSSv3
CVE-2020-7128
A remote unauthenticated arbitrary code execution vulnerability exists in Aruba Airwave Software version(s): before 1.3.2.
Arubanetworks Airwave Glass
7.2
CVSSv3
CVE-2020-7129
A remote execution of arbitrary commands vulnerability exists in Aruba Airwave Software version(s): before 1.3.2.
Arubanetworks Airwave Glass
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »