Chained vulnerabilities in Aruba Networks firmware allowed remote code execution on routers

guest · Jul 20, 2021

Chained vulnerabilities in Aruba Networks firmware allowed remote code execution on routers
Office pen test leads to discovery of multiple bugs in enterprise networking kit
July 20, 2021
https://portswigger.net/daily-swig/...ware-allowed-remote-code-execution-on-routers

Multiple vulnerabilities in routers from Aruba Networks allowed attackers to conduct a series of malicious activities including remote code execution (RCE), security researchers have found.

Itai Greenhut and Gal Zror from Aleph Security found a total of eight vulnerabilities in Aruba Instant, the software that allows administrators to configure the settings of Aruba routers.
Click to expand...

Route to takeover
Aruba routers are configured through a restricted command-line interface. The router also has an associated CGI portal that allows users to send commands to the CLI through a web interface.

The researchers found a command injection vulnerability in one of the CLI commands that allowed them to create directories and download files to the server. They were then able to exploit the same vulnerability through the query string of the web interface that communicates with the CLI module.
Finally, they used a bug in the server’s Process Application Programming Interface (PAPI) to force the router to expose the contents of its configuration file.
Click to expand...

With Aruba being a major supplier of gear for enterprise customers such as airports, hospitals, and universities, the implications of having vulnerable routers in public locations and accessible through the internet can be critical.

According to an advisory from Aruba that details the vulnerabilities, the bugs were fixed earlier this year.
Click to expand...

Log in or Sign up

Chained vulnerabilities in Aruba Networks firmware allowed remote code execution on routers

guest Guest

Log in or Sign up

Chained vulnerabilities in Aruba Networks firmware allowed remote code execution on routers

guest Guest

Useful Searches