CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33516
https://notcve.org/view.php?id=CVE-2024-33516
01 May 2024 — An unauthenticated Denial of Service (DoS) vulnerability exists in the Auth service accessed via the PAPI protocol provided by ArubaOS. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the controller. Existe una vulnerabilidad de denegación de servicio (DoS) no autenticada en el servicio de autenticación al que se accede a través del protocolo PAPI proporcionado por ArubaOS. La explotación exitosa de esta vulnerabilidad da como resultado la capacidad ... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33515
https://notcve.org/view.php?id=CVE-2024-33515
01 May 2024 — Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. Existen vulnerabilidades de denegación de servicio (DoS) no autenticadas en el servicio de administración de AP al que se accede a través del protocolo PAPI. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de interrumpir el fu... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33514
https://notcve.org/view.php?id=CVE-2024-33514
01 May 2024 — Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. Existen vulnerabilidades de denegación de servicio (DoS) no autenticadas en el servicio de administración de AP al que se accede a través del protocolo PAPI. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de interrumpir el fu... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33513
https://notcve.org/view.php?id=CVE-2024-33513
01 May 2024 — Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. Existen vulnerabilidades de denegación de servicio (DoS) no autenticadas en el servicio de administración de AP al que se accede a través del protocolo PAPI. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de interrumpir el fu... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33512
https://notcve.org/view.php?id=CVE-2024-33512
01 May 2024 — There is a buffer overflow vulnerability in the underlying Local User Authentication Database service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existe una vulnerabilidad de desbordamiento de búfer en el servicio de base de dato... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33511
https://notcve.org/view.php?id=CVE-2024-33511
01 May 2024 — There is a buffer overflow vulnerability in the underlying Automatic Reporting service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existe una vulnerabilidad de desbordamiento del búfer en el servicio de informes automáticos subya... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-26305
https://notcve.org/view.php?id=CVE-2024-26305
01 May 2024 — There is a buffer overflow vulnerability in the underlying Utility daemon that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existe una vulnerabilidad de desbordamiento de búfer en el daemon de utilidad subyacente que podría conducir a ... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 74%CPEs: 2EXPL: 2CVE-2024-26304
https://notcve.org/view.php?id=CVE-2024-26304
01 May 2024 — There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existe una vulnerabilidad de desbordamiento de búfer en el servicio de administración L2/L3 subyacent... • https://github.com/Roud-Roud-Agency/CVE-2024-26304-RCE-exploits • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-25615
https://notcve.org/view.php?id=CVE-2024-25615
05 Mar 2024 — An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service accessed via the PAPI protocol in ArubaOS 8.x. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service. Existe una vulnerabilidad de denegación de servicio (DoS) no autenticada en el servicio Spectrum al que se accede a través del protocolo PAPI en ArubaOS 8.x. La explotación exitosa de esta vulnerabilidad da como resultado la capacidad de interrumpir... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.0EPSS: 1%CPEs: 2EXPL: 0CVE-2024-25613
https://notcve.org/view.php?id=CVE-2024-25613
05 Mar 2024 — Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. Existen vulnerabilidades de inyección de comandos autenticadas en la interfaz de línea de comandos de ArubaOS. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de ejecutar comandos arbitrarios como usuario privilegiado en el siste... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •