Aruba Networks Web Management Portal CVE-2014-2592 Arbitrary File Upload Vulnerability

Bugtraq ID:	69394
Class:	Input Validation Error
CVE:	CVE-2014-2592
Remote:	Yes
Local:	No
Published:	Jul 15 2014 12:00AM
Updated:	Jul 15 2014 12:00AM
Credit:	Francisco Ribeiro
Vulnerable:
Not Vulnerable:

Aruba Networks Web Management Portal CVE-2014-2592 Arbitrary File Upload Vulnerability

Aruba Networks Web Management Portal is prone to a vulnerability that lets attackers upload arbitrary files.

An attacker can exploit this issue to upload arbitrary code and run it in the context of the web server process; other attacks are also possible.

Web Management Portal 6.3.0.60730 is vulnerable; other versions may also be affected.

Aruba Networks Web Management Portal CVE-2014-2592 Arbitrary File Upload Vulnerability

Attackers can exploit this issue through a browser.

Aruba Networks Web Management Portal CVE-2014-2592 Arbitrary File Upload Vulnerability

References:

• Aruba Networks Homepage (Aruba Networks)
  
• Vulnerability title: Arbitrary Code Execution In Aruba Web Management Portal (Portcullis Computer Security)