cbcvebase.
CVE-2023-3718
published 2023-08-01

CVE-2023-3718: An authenticated command injection vulnerability exists in the AOS-CX command line interface. Successful exploitation of this vulnerability results in the…

PriorityP260high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.39%
68.8th percentile
An authenticated command injection vulnerability exists in the AOS-CX command line interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands on the underlying operating system as a privileged user on the affected switch. This allows an attacker to fully compromise the underlying operating system on the device running AOS-CX.

Affected

4 ranges
VendorProductVersion rangeFixed in
hewlett_packard_enterprisearuba_cx_switches
hewlett_packard_enterprisearuba_cx_switches
hpearubaos-cx10.10.0000 – 10.10.1050
hpearubaos-cx10.11.0000 – 10.11.1010
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.