cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-42396,https://securityvulnerability.io/vulnerability/CVE-2024-42396,Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the AP Certificate Management Service Accessed by the PAPI Protocol,Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.,HP,HP Aruba Networking Instantos And Aruba Access Points Running Arubaos 10,5.3,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-08-06T19:15:00.000Z,0
CVE-2024-42394,https://securityvulnerability.io/vulnerability/CVE-2024-42394,Unauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the Soft AP Daemon Service Accessed by the PAPI Protocol,"The Soft AP Daemon Service from Hewlett Packard Enterprise contains vulnerabilities that can be exploited by a threat actor to perform unauthenticated remote code execution (RCE) attacks. If successfully exploited, this vulnerability allows an attacker to execute arbitrary commands on the underlying operating system, which could lead to a complete system compromise. It is crucial for organizations using this service to assess their vulnerability management strategies and implement necessary patches to guard against potential exploits.",HP,HP Aruba Networking Instantos And Aruba Access Points Running Arubaos 10,9.8,CRITICAL,0.000910000002477318,false,false,false,false,,false,false,2024-08-06T19:15:00.000Z,0
CVE-2024-42393,https://securityvulnerability.io/vulnerability/CVE-2024-42393,Unauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the Soft AP Daemon Service Accessed by the PAPI Protocol,"The Soft AP Daemon Service developed by Hewlett Packard Enterprise has a vulnerability that permits remote code execution without authentication. This flaw could allow an attacker to run arbitrary commands on the host operating system, posing a severe risk to the integrity and availability of the system. Exploitation of this vulnerability can lead to complete compromise of affected systems, making it essential for users to apply security patches and mitigations as soon as they are available. Comprehensive monitoring and proactive security measures are recommended to safeguard against potential exploitation.",HP,HP Aruba Networking Instantos And Aruba Access Points Running Arubaos 10,9.8,CRITICAL,0.0009299999801442027,false,false,false,false,,false,false,2024-08-06T19:15:00.000Z,0
CVE-2024-31483,https://securityvulnerability.io/vulnerability/CVE-2024-31483,Arbitrary File Read Vulnerability in PAPI CLI Service,"An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.

",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,4.9,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:37:06.652Z,0
CVE-2024-31482,https://securityvulnerability.io/vulnerability/CVE-2024-31482,Unauthenticated Denial-of-Service Vulnerability in PAPI Access Point,"An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access Point.

",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:36:10.770Z,0
CVE-2024-31481,https://securityvulnerability.io/vulnerability/CVE-2024-31481,Unauthenticated Denial of Service Vulnerabilities in PAPI CLI Service,"Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.

",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:35:29.359Z,0
CVE-2024-31480,https://securityvulnerability.io/vulnerability/CVE-2024-31480,Unauthenticated Denial of Service Vulnerabilities in PAPI CLI Service,"Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.

",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:34:42.949Z,0
CVE-2024-31479,https://securityvulnerability.io/vulnerability/CVE-2024-31479,Unauthenticated Denial of Service Vulnerabilities Discovered in PAPI Protocol,"Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.

",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:33:38.302Z,0
CVE-2024-31478,https://securityvulnerability.io/vulnerability/CVE-2024-31478,Unauthenticated DoS Vulnerabilities in Soft AP Daemon,"Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access Point.

",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:32:51.129Z,0
CVE-2024-31477,https://securityvulnerability.io/vulnerability/CVE-2024-31477,Privileged Command Injection: A Threat to Operating Systems,"Multiple authenticated command injection vulnerabilities have been identified in the command line interface of Aruba Networks products. Exploiting these vulnerabilities allows an attacker to execute arbitrary commands as a privileged user on the underlying operating system. This severely compromises system integrity and confidentiality, necessitating immediate attention and remediation by system administrators.",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,7.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:32:06.557Z,0
CVE-2024-31476,https://securityvulnerability.io/vulnerability/CVE-2024-31476,Privileged Command Injection: A Threat to Operating Systems,"Multiple authenticated command injection vulnerabilities have been identified within the command line interface of Aruba Networks' products. These vulnerabilities allow an attacker with valid credentials to exploit the command line interface, leading to the execution of arbitrary commands on the underlying operating system with elevated privileges. The exploitation of these vulnerabilities poses significant security risks, potentially compromising sensitive data and system integrity. Immediate remediation measures are recommended to mitigate the risk associated with these vulnerabilities.",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,7.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:31:22.072Z,0
CVE-2024-31475,https://securityvulnerability.io/vulnerability/CVE-2024-31475,Arbitrary File Deletion Vulnerability in Central Communications Could Disrupt Access Point Operations,"An arbitrary file deletion vulnerability exists within Aruba Networks' Central Communications service, which can be accessed via the PAPI (Access Point Management Protocol). This vulnerability allows attackers with the required access to delete files on the underlying operating system of affected devices. Such unauthorized deletions could disrupt normal operations and compromise the integrity and reliability of Aruba Access Points. It is imperative for users of affected products to review their configurations, apply necessary patches, and adopt security practices to mitigate potential risks associated with this vulnerability.",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,8.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:30:27.186Z,0
CVE-2024-31474,https://securityvulnerability.io/vulnerability/CVE-2024-31474,Arbitrary File Deletion Vulnerability in PAPI Affects Access Point Management,"An arbitrary file deletion vulnerability is present in the Command Line Interface (CLI) service accessed via the Aruba's Access Point management protocol, known as PAPI. This flaw allows an attacker to delete files on the underlying operating system of the access point. Such unauthorized file deletions could severely disrupt normal operational activities and compromise the integrity of the affected Access Point, potentially leading to a breakdown in services and increased vulnerability to additional attacks.",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,8.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:29:51.497Z,0
CVE-2024-31473,https://securityvulnerability.io/vulnerability/CVE-2024-31473,Unauthenticated Remote Code Execution Vulnerability in PAPI,"A command injection vulnerability exists in the deauthentication service of Aruba Access Points, where an attacker can potentially exploit this flaw to execute arbitrary code on the underlying operating system. By sending specially crafted packets to the PAPI (Aruba's Access Point management protocol) UDP port 8211, it is possible to achieve unauthenticated remote code execution, posing significant risks to network integrity and security.",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,9.8,CRITICAL,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:29:11.994Z,0
CVE-2024-31472,https://securityvulnerability.io/vulnerability/CVE-2024-31472,Unauthenticated Remote Code Execution Vulnerabilities in Soft AP Daemon,"Aruba Networks has reported a vulnerability in the Soft AP Daemon service related to command injection, which enables potential attackers to exploit the system by sending specially crafted packets to the PAPI (Aruba's Access Point management protocol) UDP port 8211. This vulnerability permits unauthorized users to execute arbitrary code on the underlying operating system, posing significant risks to network security and system integrity. Organizations utilizing Aruba's access point solutions should prioritize security assessments to mitigate the effects of this vulnerability as the potential for unauthorized access and control could lead to severe consequences.",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,9.8,CRITICAL,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:28:29.845Z,0
CVE-2024-31471,https://securityvulnerability.io/vulnerability/CVE-2024-31471,Unauthenticated Remote Code Execution Vulnerability in Central Communications,"A command injection vulnerability exists within the Central Communications service of Aruba Networks, which can potentially allow for unauthenticated remote code execution. The vulnerability arises from the handling of specifically crafted packets sent to the PAPI (Aruba's Access Point management protocol) over UDP port 8211. If exploited, this vulnerability could enable attackers to execute arbitrary code with elevated privileges on the underlying operating system. Organizations utilizing Aruba's solutions should evaluate their systems immediately to mitigate potential risks associated with this vulnerability.",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,9.8,CRITICAL,0.0004299999854993075,false,true,false,false,,false,false,2024-05-14T22:27:21.146Z,0
CVE-2024-31470,https://securityvulnerability.io/vulnerability/CVE-2024-31470,Buffer Overflow Vulnerability in PAPI Could Lead to Remote Code Execution,"A vulnerability exists in the Simultaneous Authentication of Equals (SAE) service, presenting a buffer overflow risk that enables unauthenticated remote code execution. Attackers can exploit this flaw by sending specially crafted packets to the Aruba Access Point management protocol (PAPI) on UDP port 8211. If successfully executed, this vulnerability allows malicious actors to execute arbitrary code as a privileged user, potentially compromising the stability and security of the affected operating system.",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,9.8,CRITICAL,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:26:39.056Z,0
CVE-2024-31469,https://securityvulnerability.io/vulnerability/CVE-2024-31469,Buffer Overflow Vulnerabilities in Central Communications Could Lead to Remote Code Execution,"The buffer overflow vulnerabilities present in Aruba's Central Communications service expose systems to significant risks by allowing unauthenticated remote code execution. Attackers can send specially crafted packets to the PAPI UDP port (8211), leading to the execution of arbitrary code with elevated privileges on the underlying operating system. This highlights a critical security concern for organizations using Aruba access points that utilize the PAPI management protocol, necessitating immediate attention to security patches and implementation of best practices for network safety.",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,9.8,CRITICAL,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:25:46.354Z,0
CVE-2024-31468,https://securityvulnerability.io/vulnerability/CVE-2024-31468,Buffer Overflow Vulnerabilities in Central Communications Could Lead to Remote Code Execution,"The identified vulnerabilities pertain to buffer overflows within the Central Communications service of Aruba products. By sending specially crafted packets to the PAPI (Aruba's Access Point management protocol) over UDP port 8211, attackers could exploit these flaws to execute arbitrary code with elevated privileges. This unauthorized access can compromise the integrity and security of the underlying operating system, posing a significant risk to affected environments. Immediate remediation is recommended to mitigate the potential impact of these vulnerabilities.",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,9.8,CRITICAL,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:24:53.386Z,0
CVE-2024-31467,https://securityvulnerability.io/vulnerability/CVE-2024-31467,Buffer Overflow Vulnerabilities in PAPI Could Lead to Remote Code Execution,"The identified vulnerability exposes a buffer overflow flaw within the Command Line Interface (CLI) service of Aruba's Access Point management protocol (PAPI). By sending specially crafted packets to the UDP port 8211, an attacker may exploit this vulnerability to achieve unauthenticated remote code execution. This could allow malicious actors to execute arbitrary code on the affected systems with the privileges of a privileged user, posing significant risks to the integrity and security of the underlying operating system.",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,9.8,CRITICAL,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:08:51.360Z,0
CVE-2024-31466,https://securityvulnerability.io/vulnerability/CVE-2024-31466,Buffer Overflow Vulnerabilities in PAPI Could Lead to Remote Code Execution,"A set of buffer overflow vulnerabilities exist within the command-line interface (CLI) service of Aruba's Access Point Management Protocol (PAPI). These vulnerabilities can be exploited by sending specially crafted packets to the UDP port 8211, which is used by PAPI. If exploited successfully, an attacker can execute arbitrary code on the underlying operating system with the privileges of a privileged user. The implications of this vulnerability are significant, as it allows unauthorized access and control over affected systems, highlighting the critical need for users to apply security updates promptly.",HP,Aruba Instantos And Aruba Access Points Running Arubaos 10,9.8,CRITICAL,0.0004299999854993075,false,false,false,false,,false,false,2024-05-14T22:04:39.665Z,0
CVE-2023-35981,https://securityvulnerability.io/vulnerability/CVE-2023-35981,Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol,"Several buffer overflow vulnerabilities have been identified in Aruba's access point management protocol (PAPI), specifically on UDP port 8211. These vulnerabilities can be exploited by unauthenticated attackers who send specially crafted packets to the affected devices. Successful exploitation may allow attackers to execute arbitrary code with privileged access on the operating system, potentially compromising the security and integrity of the network.",HP,Aruba Access Points Running Instantos And Arubaos 10,9.8,CRITICAL,0.0032399999909102917,false,false,false,false,,false,false,2023-07-25T19:15:00.000Z,0
CVE-2023-35980,https://securityvulnerability.io/vulnerability/CVE-2023-35980,Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol,"A buffer overflow vulnerability exists in multiple services associated with Aruba's Access Point Management Protocol (PAPI), specifically over UDP port 8211. By sending specially crafted packets, an attacker can potentially execute arbitrary code on the affected system, exploiting the privilege level of the operating system. This vulnerability poses significant risks as it allows unauthorized users to gain privileged access, which can lead to further exploitation and data compromise.",HP,Aruba Access Points Running Instantos And Arubaos 10,9.8,CRITICAL,0.0032399999909102917,false,false,false,false,,false,false,2023-07-25T19:15:00.000Z,0
CVE-2023-35982,https://securityvulnerability.io/vulnerability/CVE-2023-35982,Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol,"Aruba Networks has identified buffer overflow vulnerabilities within multiple underlying services that may be exploited by attackers. By sending crafted packets to the UDP port (8211) used by the PAPI (Aruba's access point management protocol), unauthenticated users could potentially execute arbitrary code as a privileged user on the operating system. It is crucial for organizations using affected products to assess their risk exposure and implement mitigations to safeguard their network infrastructure.",HP,Aruba Access Points Running Instantos And Arubaos 10,9.8,CRITICAL,0.0032399999909102917,false,false,false,false,,false,false,2023-07-25T19:15:00.000Z,0
CVE-2023-22789,https://securityvulnerability.io/vulnerability/CVE-2023-22789,Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface,"Multiple authenticated command injection vulnerabilities exist in the command line interface of Aruba InstantOS and ArubaOS 10. By exploiting these vulnerabilities, an attacker could execute arbitrary commands as a privileged user, potentially compromising the security of the underlying operating system. Proper security measures must be implemented to mitigate the risk associated with these vulnerabilities.",HP,Aruba Access Points running InstantOS and ArubaOS 10,8.8,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2023-05-08T15:15:00.000Z,0