Vulnerabilities > Siemens > Scalance W1750D Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-10-07 CVE-2022-37893 OS Command Injection vulnerability in multiple products
An authenticated command injection vulnerability exists in the Aruba InstantOS and ArubaOS 10 command line interface.
local
low complexity
arubanetworks siemens CWE-78
7.8
2021-11-11 CVE-2002-20001 Resource Exhaustion vulnerability in multiple products
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack.
network
low complexity
balasys siemens suse f5 hpe stormshield CWE-400
7.5
2021-10-12 CVE-2021-37732 OS Command Injection vulnerability in multiple products
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 6.4.x.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.11 and below; Aruba Instant 8.6.x.x: 8.6.0.6 and below; Aruba Instant 8.7.x.x: 8.7.1.0 and below.
network
low complexity
arubanetworks siemens CWE-78
7.2
2021-10-12 CVE-2021-37727 OS Command Injection vulnerability in multiple products
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 and below.
network
low complexity
arubanetworks siemens CWE-78
7.2
2021-10-12 CVE-2021-37730 OS Command Injection vulnerability in multiple products
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 and below.
network
low complexity
arubanetworks siemens CWE-78
7.2
2021-09-07 CVE-2021-37717 Command Injection vulnerability in multiple products
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.6; Prior to 8.7.1.4, 8.6.0.7, 8.5.0.12, 8.3.0.16.
network
low complexity
arubanetworks siemens CWE-77
7.2
2021-09-07 CVE-2021-37718 Command Injection vulnerability in multiple products
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.6; Prior to 8.7.1.4, 8.6.0.7, 8.5.0.12, 8.3.0.16.
network
low complexity
arubanetworks siemens CWE-77
7.2
2021-09-07 CVE-2021-37720 Command Injection vulnerability in multiple products
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25.
network
low complexity
arubanetworks siemens CWE-77
7.2
2021-09-07 CVE-2021-37721 Command Injection vulnerability in multiple products
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25.
network
low complexity
arubanetworks siemens CWE-77
7.2
2021-09-07 CVE-2021-37722 Command Injection vulnerability in multiple products
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25.
network
low complexity
arubanetworks siemens CWE-77
7.2