CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2024-31473
https://notcve.org/view.php?id=CVE-2024-31473
14 May 2024 — There is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existe una vulnerabilidad de inyección de comandos en el servicio de desautenticación subyacente qu... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2024-31472
https://notcve.org/view.php?id=CVE-2024-31472
14 May 2024 — There are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existen vulnerabilidades de inyección de comandos en el servicio Soft AP Daemon subyacente que pod... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2024-31471
https://notcve.org/view.php?id=CVE-2024-31471
14 May 2024 — There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existe una vulnerabilidad de inyección de comandos en el servicio de Comunicaciones Centrales... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31470
https://notcve.org/view.php?id=CVE-2024-31470
14 May 2024 — There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existe una vulnerabilidad de desbordamiento de búfer en el servicio SAE (a... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31469
https://notcve.org/view.php?id=CVE-2024-31469
14 May 2024 — There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existen vulnerabilidades de desbordamiento de búfer en el servicio de Comunicaciones Central... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31468
https://notcve.org/view.php?id=CVE-2024-31468
14 May 2024 — There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existen vulnerabilidades de desbordamiento de búfer en el servicio de Comunicaciones Central... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31467 – Unauthenticated Buffer Overflow Vulnerabilities in CLI Service Accessed by the PAPI Protocol
https://notcve.org/view.php?id=CVE-2024-31467
14 May 2024 — There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existen vulnerabilidades de desbordamiento de búfer en el servicio CLI subyacente que podrían provocar la ejecu... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31466 – Unauthenticated Buffer Overflow Vulnerabilities in CLI Service Accessed by the PAPI Protocol
https://notcve.org/view.php?id=CVE-2024-31466
14 May 2024 — There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existen vulnerabilidades de desbordamiento de búfer en el servicio CLI subyacente que podrían provocar la ejecu... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-37885
https://notcve.org/view.php?id=CVE-2022-37885
07 Oct 2022 — There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS... • https://cert-portal.siemens.com/productcert/pdf/ssa-506569.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2022-37886
https://notcve.org/view.php?id=CVE-2022-37886
07 Oct 2022 — There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS... • https://cert-portal.siemens.com/productcert/pdf/ssa-506569.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •