Controllerless Networks

Occasional Contributor I

AP vulnerability

I installed a new set of Aruba 105's at a remote office running Corporate access with RADIUS Auth and Guest access with password Auth, both on separate non-routed VLANs. The Version is

We also have the identical setup at our main office running Version

A pen tester found that if you authenticate to the remote office guest wireless, then revisit the url a few times (
The config, including Admin user/password and RADIUS password, is displayed in plain text.

Then - very scary, if you go to the URL (despite being on a separate VLAN) you get the controller home page, which you can log in to with the previously found admin user/pass.

This was mitigated by simply going to Settings>General>Deny inter user bridging - Enable and Deny local routing - Enable.

At our main office (Version these settings are Disabled, but I am unable to replicate the issue here. So it must be a vulnerability with

Has anyone come across this vulnerability before and know if it is fixed in later versions?


Guru Elite

Re: AP vulnerability

You are running very old code.  Please upgrade to the latest, which has the fix.


*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
Occasional Contributor I

Re: AP vulnerability

It's not that old, the 105's were purchased a few months ago and shipped with this version. We are running a much older version without this vulnerability. Do you know if this vulnerability is documented anywhere?



Super Contributor II

Re: AP vulnerability

It is always good to go with the latest version. You may try the latest and do share here if the problem remains the same.
Thanks & Regards
Syed Murad Ali