cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2024-41136,https://securityvulnerability.io/vulnerability/CVE-2024-41136,Aruba Networking EdgeConnect SD-WAN Gateways Command Injection Vulnerability,"An authenticated command injection vulnerability exists within the command line interface of HPE Aruba Networking EdgeConnect SD-WAN gateways. Exploitation of this vulnerability grants malicious actors the capability to execute arbitrary commands as a privileged user in the underlying operating system. This poses significant security threats, compromising the integrity and confidentiality of the affected systems. Proper security measures and patches should be implemented to mitigate the risks associated with this vulnerability.",HP,HP Aruba Networking Edgeconnect Sd-wan,8.8,HIGH,0.0005099999834783375,false,false,false,false,,false,false,2024-07-24T20:05:42.905Z,0 CVE-2024-41135,https://securityvulnerability.io/vulnerability/CVE-2024-41135,Remote Command Execution Vulnerability in HPE Aruba Networking EdgeConnect SD-WAN Gateway,"A vulnerability has been identified in the Command Line Interface (CLI) of the HPE Aruba Networking EdgeConnect SD-WAN gateway. This flaw permits remote authenticated users to execute arbitrary commands on the host operating system. Successful exploitation could lead to unauthorized access and complete system compromise, allowing attackers to manipulate the system and potentially gain control over sensitive data and operations.",HP,HP Aruba Networking Edgeconnect Sd-wan,7.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-07-24T20:03:45.603Z,0 CVE-2024-41134,https://securityvulnerability.io/vulnerability/CVE-2024-41134,Remote Command Execution Vulnerability in HPE Aruba Networking EdgeConnect SD-WAN Gateway,"A vulnerability has been identified in the Command Line Interface (CLI) of the HPE Aruba Networking EdgeConnect SD-WAN gateway. This flaw permits remote authenticated users to execute arbitrary commands on the underlying host operating system. When exploited, this vulnerability provides an attacker with the capability to run commands as the root user, potentially leading to a complete compromise of system integrity and security. Organizations utilizing affected versions of the EdgeConnect SD-WAN gateway must apply necessary security updates to mitigate this risk as soon as possible.",HP,HP Aruba Networking Edgeconnect Sd-wan,7.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-07-24T20:02:19.471Z,0 CVE-2024-41133,https://securityvulnerability.io/vulnerability/CVE-2024-41133,Remote Command Execution Vulnerability in EdgeConnect SD-WAN Gateway,"A significant vulnerability exists in the Command Line Interface of the HPE Aruba Networking EdgeConnect SD-WAN gateway, allowing remote authenticated users to execute arbitrary commands on the underlying host system. If exploited, this vulnerability grants attackers the capability to run commands as a root user on the underlying operating system, which can lead to a complete compromise of the system. Organizations utilizing affected versions of the HPE Aruba Networking EdgeConnect SD-WAN gateway should take immediate action to secure their systems against potential exploitation.",HP,HP Aruba Networking Edgeconnect Sd-wan,7.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-07-24T20:00:19.562Z,0 CVE-2024-33519,https://securityvulnerability.io/vulnerability/CVE-2024-33519,Vulnerability in HPE Aruba Networking EdgeConnect SD-WAN Gateway Could Lead to Complete System Compromise,"A vulnerability exists in the web-based management interface of the HPE Aruba Networking EdgeConnect SD-WAN gateway, which can be exploited by an authenticated remote attacker to conduct a server-side prototype pollution attack. This exploitation allows for arbitrary command execution on the underlying operating system, potentially leading to a full compromise of the system. Ensuring timely updates and implementing security best practices are crucial in mitigating the risks associated with this vulnerability.",HP,HP Aruba Networking Edgeconnect Sd-wan,7.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-07-24T19:57:27.110Z,0 CVE-2024-22444,https://securityvulnerability.io/vulnerability/CVE-2024-22444,Reflected Cross-Site Scripting Vulnerability in EdgeConnect SD-WAN Orchestrator Could Lead to Arbitrary Code Execution,A vulnerability within the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victims browser in the context of the affected interface.,HP,HP Aruba Networking Edgeconnect Sd-wan Orchestrator,6.1,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-07-24T15:17:18.394Z,0 CVE-2024-22443,https://securityvulnerability.io/vulnerability/CVE-2024-22443,Server-side Prototype Pollution Vulnerability Could Lead to System Compromise,"A vulnerability exists in the web-based management interface of the EdgeConnect SD-WAN Orchestrator, enabling authenticated remote attackers to carry out server-side prototype pollution attacks. Exploiting this flaw can lead to arbitrary command execution on the underlying operating system, potentially resulting in complete system takeover. Organizations using the affected product are urged to assess their exposure and implement necessary security measures to protect their systems.",HP,HP Aruba Networking Edgeconnect Sd-wan Orchestrator,8.8,HIGH,0.0005000000237487257,false,false,false,false,,false,false,2024-07-24T15:08:07.150Z,0 CVE-2024-41914,https://securityvulnerability.io/vulnerability/CVE-2024-41914,Stored Cross-Site Scripting (XSS) Vulnerability in EdgeConnect SD-WAN Orchestrator,"A vulnerability exists in the web-based management interface of HPE's EdgeConnect SD-WAN Orchestrator, which can be exploited by an authenticated remote attacker to initiate a stored cross-site scripting (XSS) attack. This flaw allows the execution of arbitrary script code in the browser of an administrative user interacting with the affected interface. The dynamic nature of the web-based interface may allow the attacker to store malicious scripts, which are then executed whenever an administrator accesses the compromised section. Proper security measures and updates are necessary to mitigate this potential risk.",HP,HP Aruba Networking Edgeconnect Sd-wan Orchestrator,9,CRITICAL,0.0005000000237487257,false,false,false,false,,false,false,2024-07-24T14:57:55.556Z,0