cvedb.io
CVE-2023-22749
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2023-03-01T08:15:12.560 · Last modified 2026-06-17T05:36:05.617

Summary

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.

Affected products

arubanetworks — sd-wan

Does this affect you?

Add your gear to cvedb and we'll alert you only when arubanetworks ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.