HPE-owned network access solutions provider Aruba has patched XML external entity (XXE) and cross-site scripting (XSS) vulnerabilities in its AirWave network management platform.

The vulnerabilities were reported to Aruba by Pichaya Morimoto of SEC Consult and independently by two other researchers. Both weaknesses affect AirWave’s VisualRF component.

read more

Recommended Posts

‘Underminr’ Vulnerability Lets Attackers Hide Malicious Connections Behind Trusted Domains
Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking