cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score CVE-2024-33518,https://securityvulnerability.io/vulnerability/CVE-2024-33518,Unauthenticated DoS Vulnerability in PAPI Radio Frequency Manager,"An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.3,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-05-01T16:35:09.048Z,0 CVE-2024-33517,https://securityvulnerability.io/vulnerability/CVE-2024-33517,Unauthenticated DoS Vulnerability in PAPI Radio Frequency Manager,"An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.3,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-05-01T16:33:15.277Z,0 CVE-2024-33516,https://securityvulnerability.io/vulnerability/CVE-2024-33516,Unauthenticated DoS Vulnerability in ArubaOS PAPI Protocol,"An unauthenticated Denial of Service (DoS) vulnerability exists in the Auth service accessed via the PAPI protocol provided by ArubaOS. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the controller. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.3,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-05-01T16:30:59.727Z,0 CVE-2024-33515,https://securityvulnerability.io/vulnerability/CVE-2024-33515,PAPI AP Management Service Vulnerable to Unauthenticated DoS Attacks,"Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.3,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-05-01T16:28:23.709Z,0 CVE-2024-33514,https://securityvulnerability.io/vulnerability/CVE-2024-33514,PAPI AP Management Service Vulnerable to Unauthenticated DoS Attacks,"Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.3,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-05-01T16:27:00.666Z,0 CVE-2024-33513,https://securityvulnerability.io/vulnerability/CVE-2024-33513,PAPI AP Management Service Vulnerable to Unauthenticated DoS Attacks,"Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.9,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-05-01T16:13:10.629Z,0 CVE-2024-33512,https://securityvulnerability.io/vulnerability/CVE-2024-33512,Buffer Overflow Vulnerability Could Lead to Remote Code Execution,"A buffer overflow vulnerability exists within the Local User Authentication Database service utilized by Aruba Networks access points. This vulnerability can be exploited by sending specially crafted packets to the PAPI (Aruba’s Access Point Management Protocol) UDP port (8211), enabling an attacker to execute arbitrary code remotely. This exploitation occurs without authentication, posing significant risks to the security and integrity of the affected systems. Organizations using Aruba access points should prioritize applying the necessary patches and mitigating strategies to protect against potential threats.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,9.8,CRITICAL,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-05-01T14:57:08.377Z,0 CVE-2024-33511,https://securityvulnerability.io/vulnerability/CVE-2024-33511,Aruba Automatic Reporting Service Buffer Overflow Vulnerability Could Lead to Remote Code Execution,"A buffer overflow vulnerability exists in the Automatic Reporting service associated with Aruba's Access Point Management Protocol (PAPI), operating on UDP port 8211. This vulnerability can be exploited by sending specially crafted packets to the service, potentially allowing unauthenticated attackers to execute arbitrary code on the underlying operating system. Such unauthorized access could lead to significant security risks, as it provides attackers with privileged execution capabilities.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,9.8,CRITICAL,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-05-01T14:54:17.968Z,0 CVE-2024-26305,https://securityvulnerability.io/vulnerability/CVE-2024-26305,Unauthenticated Remote Code Execution Vulnerability in Aruba's Utility Daemon,"The vulnerability in Aruba Networks' Utility daemon is characterized as a buffer overflow flaw that exposes the system to unauthenticated remote code execution. By sending specially crafted packets to the PAPI UDP port (8211), an attacker may exploit this weakness to execute arbitrary code with elevated privileges on the underlying operating system. This vulnerability poses significant risks to network integrity and confidentiality, necessitating immediate attention from users of affected products.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,9.8,CRITICAL,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-05-01T14:52:41.916Z,0 CVE-2024-26304,https://securityvulnerability.io/vulnerability/CVE-2024-26304,Buffer Overflow Vulnerability in PAPI Could Lead to Remote Code Execution,"A buffer overflow vulnerability exists within the L2/L3 Management service of Aruba Networks, which could permit unauthenticated remote code execution. By sending specially crafted packets to the PAPI (Public Access Point Interface) UDP port 8211, an attacker can exploit this vulnerability to execute arbitrary code with elevated privileges on the underlying operating system. This issue highlights the importance of securing access point management protocols to prevent unauthorized access and potential system compromise.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,9.8,CRITICAL,0.0004299999854993075,false,,false,false,true,2024-05-04T19:09:24.000Z,true,false,false,,2024-05-01T14:43:12.761Z,0 CVE-2023-35971,https://securityvulnerability.io/vulnerability/CVE-2023-35971,Unauthenticated Stored Cross-Site Scripting (XSS) in ArubaOS Web-based Management Interface,"A vulnerability exists in the web-based management interface of ArubaOS, which may allow an unauthenticated remote attacker to perform a stored cross-site scripting attack. If successfully exploited, this vulnerability can enable the execution of arbitrary script code in a victim's browser. This poses significant risks to the integrity and confidentiality of sensitive information accessed through the interface.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,8.8,HIGH,0.0010600000387057662,false,,false,false,false,,,false,false,,2023-07-05T15:15:00.000Z,0 CVE-2023-35973,https://securityvulnerability.io/vulnerability/CVE-2023-35973,Authenticated Remote Command Execution in the ArubaOS Command Line Interface,"ArubaOS, developed by Aruba Networks, is susceptible to authenticated command injection vulnerabilities within its command line interface. This security flaw allows an attacker with valid credentials to exploit the system, potentially granting them the ability to execute arbitrary commands as a privileged user. The ability to inject commands poses significant risks, including unauthorized access and manipulation of the underlying operating system, highlighting the urgency for users to apply security patches and mitigate potential threats.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,7.2,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2023-07-05T15:15:00.000Z,0 CVE-2023-35975,https://securityvulnerability.io/vulnerability/CVE-2023-35975,Authenticated Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Deletion,An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system.,HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,6.5,MEDIUM,0.0008399999933317304,false,,false,false,false,,,false,false,,2023-07-05T15:15:00.000Z,0 CVE-2023-35976,https://securityvulnerability.io/vulnerability/CVE-2023-35976,Authenticated Sensitive Information Disclosure in ArubaOS Command Line Interface,Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.,HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,6.5,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2023-07-05T15:15:00.000Z,0 CVE-2023-35974,https://securityvulnerability.io/vulnerability/CVE-2023-35974,Authenticated Remote Command Execution in the ArubaOS Command Line Interface,"ArubaOS contains authenticated command injection vulnerabilities within its command line interface. These vulnerabilities allow an attacker with valid credentials to execute arbitrary commands with privileged access on the underlying operating system. This could lead to unauthorized data access, system compromise, and various security breaches. It is crucial for organizations using affected versions of ArubaOS to apply security updates to mitigate potential exploitation risks.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,7.2,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2023-07-05T15:15:00.000Z,0 CVE-2023-35977,https://securityvulnerability.io/vulnerability/CVE-2023-35977,Authenticated Sensitive Information Disclosure in ArubaOS Command Line Interface,Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.,HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,6.5,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2023-07-05T15:15:00.000Z,0 CVE-2023-35979,https://securityvulnerability.io/vulnerability/CVE-2023-35979,Unauthenticated Buffer Overflow Vulnerability in ArubaOS Web-Based Management Interface,There is an unauthenticated buffer overflow vulnerability in the process controlling the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in a Denial-of-Service (DoS) condition affecting the web-based management interface of the controller.,HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.3,MEDIUM,0.0008999999845400453,false,,false,false,false,,,false,false,,2023-07-05T15:15:00.000Z,0 CVE-2023-35972,https://securityvulnerability.io/vulnerability/CVE-2023-35972,Authenticated Remote Command Execution in ArubaOS Web-based Management Interface,"An authenticated remote command injection flaw exists in the web-based management interface of ArubaOS. This vulnerability allows attackers with appropriate access to execute arbitrary commands as a privileged user on the underlying operating system. By exploiting this weakness, malicious actors can gain full control over the affected system, posing significant risks to device integrity and network security.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,7.2,HIGH,0.0008200000156648457,false,,false,false,false,,,false,false,,2023-07-05T15:15:00.000Z,0 CVE-2023-35978,https://securityvulnerability.io/vulnerability/CVE-2023-35978,Reflected Cross-Site Scripting (XSS) in ArubaOS Web-based Management Interface,A vulnerability in ArubaOS could allow an unauthenticated remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.,HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,6.1,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2023-07-05T15:15:00.000Z,0 CVE-2023-22756,https://securityvulnerability.io/vulnerability/CVE-2023-22756,Unauthenticated Buffer Overflow Vulnerabilities in ArubaOS Processes,"Multiple buffer overflow vulnerabilities exist within various operating system processes in Aruba Networks products. These vulnerabilities can be exploited by sending specially crafted packets through the PAPI protocol, potentially leading to unauthenticated remote code execution. If successfully exploited, an attacker could execute arbitrary code with elevated privileges on the affected operating systems, compromising system integrity and security.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central,9.8,CRITICAL,0.004129999782890081,false,,false,false,false,,,false,false,,2023-03-01T08:15:00.000Z,0 CVE-2023-22755,https://securityvulnerability.io/vulnerability/CVE-2023-22755,Unauthenticated Buffer Overflow Vulnerabilities in ArubaOS Processes,"Buffer overflow vulnerabilities exist in various operating system processes utilized by Aruba Networks, enabling attackers to exploit these flaws through specially crafted packets sent via the PAPI protocol. Successful exploitation allows unauthorized individuals to execute arbitrary code with privileged access on the underlying operating system, posing significant security risks to affected systems.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central,9.8,CRITICAL,0.004129999782890081,false,,false,false,false,,,false,false,,2023-03-01T08:15:00.000Z,0 CVE-2023-22754,https://securityvulnerability.io/vulnerability/CVE-2023-22754,Unauthenticated Buffer Overflow Vulnerabilities in ArubaOS Processes,"A critical buffer overflow vulnerability exists in multiple underlying operating system processes of Aruba Networks products. This could allow an unauthenticated attacker to execute arbitrary code with elevated privileges by sending specially crafted packets through the PAPI protocol. Successful exploitation poses a significant risk as it may grant the attacker full access to the affected systems, potentially compromising sensitive data and services.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central,9.8,CRITICAL,0.004129999782890081,false,,false,false,false,,,false,false,,2023-03-01T08:15:00.000Z,0 CVE-2023-22774,https://securityvulnerability.io/vulnerability/CVE-2023-22774,Authenticated Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Deletion.,"Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central,6.5,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2023-03-01T08:15:00.000Z,0 CVE-2023-22773,https://securityvulnerability.io/vulnerability/CVE-2023-22773,Authenticated Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Deletion.,"Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central,6.5,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2023-03-01T08:15:00.000Z,0 CVE-2023-22753,https://securityvulnerability.io/vulnerability/CVE-2023-22753,Unauthenticated Buffer Overflow Vulnerabilities in ArubaOS Processes,"Buffer overflow vulnerabilities exist in several operating system processes used by Aruba Networks products. These vulnerabilities allow attackers to exploit specially crafted packets sent through the PAPI protocol, potentially leading to unauthenticated remote code execution. If successfully exploited, attackers could execute arbitrary code with elevated privileges on the affected systems, posing significant security risks. Proper patching and network protections are crucial to mitigate these vulnerabilities.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central,9.8,CRITICAL,0.004129999782890081,false,,false,false,false,,,false,false,,2023-03-01T08:15:00.000Z,0