First published: Fri Mar 09 2018(Updated: )
Unrestricted file upload vulnerability in Aruba Web Management portal allows remote attackers to execute arbitrary code by uploading a file with an executable extension.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Arubanetworks Web Management Portal | =6.3.0.60730 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2014-2592 has a high severity rating due to the potential for remote code execution by attackers.
To mitigate CVE-2014-2592, ensure that file uploads are limited to specific types and extensions and implement strict validation.
CVE-2014-2592 affects the Aruba Web Management Portal version 6.3.0.60730.
Yes, CVE-2014-2592 can be exploited remotely, allowing attackers to upload malicious files.
Exploiting CVE-2014-2592 can lead to arbitrary code execution on the server, compromising the entire system.