Main Vulnerability Database Exploits ID:11128 - Exploit for Missing Encryption of Sensitive Data in ArubaOS and Aruba Instant - CVE-2022-47522

ID:11128 - Exploit for Missing Encryption of Sensitive Data in ArubaOS and Aruba Instant - CVE-2022-47522

Published: February 10, 2025

Vulnerability identifier: #VU74346

Vulnerability risk: Medium

CVE-ID: CVE-2022-47522

CWE-ID: CWE-311

Exploitation vector: Adjecent network

Vulnerable software:
ArubaOS
Aruba Instant

Link to public exploit:

https://github.com/toffeenutt/CVE-2022-47522-exploit

Vulnerability description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to the way Wi-Fi devices manage transmit queues. A remote attacker can force the device to send traffic unencrypted by manipulating the transmit queues.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:11128 - Exploit for Missing Encryption of Sensitive Data in ArubaOS and Aruba Instant - CVE-2022-47522

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human