CVSS: 10.0EPSS: 0%CPEs: 22EXPL: 0CVE-2020-24633
https://notcve.org/view.php?id=CVE-2020-24633
There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. Se presentan múltiples vulnerabilidades de desbordamiento de búfer que podrían conllevar a una ejecución de código remota no autenticada mediante el envío de paquetes especialmente diseñados destinados al puerto UDP (8211) de PAPI (protocolo de administración Aruba Networks AP) de puntos de acceso o controladores en Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers versiones: 2.1.0.1, 2.2.0.0 y por debajo; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 y por debajo; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 y por debajo • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04072en_us • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 20EXPL: 0CVE-2020-24634
https://notcve.org/view.php?id=CVE-2020-24634
An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. Un atacante es capaz de inyectar remotamente comandos arbitrarios mediante el envío de paquetes especialmente diseñados destinados al puerto UDP (8211) de PAPI (protocolo de Aruba Networks AP Management) de puntos de acceso o controladores en Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers versiones: 2.1.0.1, 2.2.0.0 y por debajo; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 y por debajo; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 y por debajo • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04072en_us • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7128
https://notcve.org/view.php?id=CVE-2020-7128
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. Se detectó una vulnerabilidad de ejecución remota de código arbitrario no autenticado en Aruba Airwave Software: versiones anteriores a 1.3.2 • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04051en_us • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7129
https://notcve.org/view.php?id=CVE-2020-7129
A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. Se detectó una vulnerabilidad de ejecución remota de comandos arbitrarios en Aruba Airwave Software, versiones anteriores a 1.3.2 • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04051en_us •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7127
https://notcve.org/view.php?id=CVE-2020-7127
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. Se detectó una vulnerabilidad de ejecución de código arbitraria no autenticado remota en las versiones de Aruba Airwave Software versión(es): Anteriores a 1.3.2 • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04051en_us •