Vulnerabilities > Siemens > Scalance W1750D Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-10-07 CVE-2022-37893 OS Command Injection vulnerability in multiple products
An authenticated command injection vulnerability exists in the Aruba InstantOS and ArubaOS 10 command line interface.
local
low complexity
arubanetworks siemens CWE-78
7.8
2022-10-07 CVE-2022-37894 An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10.
low complexity
arubanetworks siemens
6.5
2022-10-07 CVE-2022-37895 An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10.
network
low complexity
arubanetworks siemens
4.9
2022-10-07 CVE-2022-37896 Cross-site Scripting vulnerability in multiple products
A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
arubanetworks siemens CWE-79
6.1
2022-10-07 CVE-2022-37885 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211).
network
low complexity
arubanetworks siemens CWE-120
critical
9.8
2022-10-07 CVE-2022-37886 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211).
network
low complexity
arubanetworks siemens CWE-120
critical
9.8
2022-10-07 CVE-2022-37887 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211).
network
low complexity
arubanetworks siemens CWE-120
critical
9.8
2022-10-07 CVE-2022-37889 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211).
network
low complexity
arubanetworks siemens CWE-120
critical
9.8
2022-10-07 CVE-2022-37890 Classic Buffer Overflow vulnerability in multiple products
Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface.
network
low complexity
arubanetworks siemens CWE-120
critical
9.8
2022-10-07 CVE-2022-37891 Classic Buffer Overflow vulnerability in multiple products
Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface.
network
low complexity
arubanetworks siemens CWE-120
critical
9.8