cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2024-33518,https://securityvulnerability.io/vulnerability/CVE-2024-33518,Unauthenticated DoS Vulnerability in PAPI Radio Frequency Manager,"An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-01T16:35:09.048Z,0 CVE-2024-33517,https://securityvulnerability.io/vulnerability/CVE-2024-33517,Unauthenticated DoS Vulnerability in PAPI Radio Frequency Manager,"An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-01T16:33:15.277Z,0 CVE-2024-33516,https://securityvulnerability.io/vulnerability/CVE-2024-33516,Unauthenticated DoS Vulnerability in ArubaOS PAPI Protocol,"An unauthenticated Denial of Service (DoS) vulnerability exists in the Auth service accessed via the PAPI protocol provided by ArubaOS. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the controller. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-01T16:30:59.727Z,0 CVE-2024-33515,https://securityvulnerability.io/vulnerability/CVE-2024-33515,PAPI AP Management Service Vulnerable to Unauthenticated DoS Attacks,"Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-01T16:28:23.709Z,0 CVE-2024-33514,https://securityvulnerability.io/vulnerability/CVE-2024-33514,PAPI AP Management Service Vulnerable to Unauthenticated DoS Attacks,"Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.3,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-01T16:27:00.666Z,0 CVE-2024-33513,https://securityvulnerability.io/vulnerability/CVE-2024-33513,PAPI AP Management Service Vulnerable to Unauthenticated DoS Attacks,"Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.9,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-05-01T16:13:10.629Z,0 CVE-2024-33512,https://securityvulnerability.io/vulnerability/CVE-2024-33512,Buffer Overflow Vulnerability Could Lead to Remote Code Execution,"A buffer overflow vulnerability exists within the Local User Authentication Database service utilized by Aruba Networks access points. This vulnerability can be exploited by sending specially crafted packets to the PAPI (Aruba’s Access Point Management Protocol) UDP port (8211), enabling an attacker to execute arbitrary code remotely. This exploitation occurs without authentication, posing significant risks to the security and integrity of the affected systems. Organizations using Aruba access points should prioritize applying the necessary patches and mitigating strategies to protect against potential threats.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,9.8,CRITICAL,0.0004299999854993075,false,false,false,false,,false,false,2024-05-01T14:57:08.377Z,0 CVE-2024-33511,https://securityvulnerability.io/vulnerability/CVE-2024-33511,Aruba Automatic Reporting Service Buffer Overflow Vulnerability Could Lead to Remote Code Execution,"A buffer overflow vulnerability exists in the Automatic Reporting service associated with Aruba's Access Point Management Protocol (PAPI), operating on UDP port 8211. This vulnerability can be exploited by sending specially crafted packets to the service, potentially allowing unauthenticated attackers to execute arbitrary code on the underlying operating system. Such unauthorized access could lead to significant security risks, as it provides attackers with privileged execution capabilities.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,9.8,CRITICAL,0.0004299999854993075,false,false,false,false,,false,false,2024-05-01T14:54:17.968Z,0 CVE-2024-26305,https://securityvulnerability.io/vulnerability/CVE-2024-26305,Unauthenticated Remote Code Execution Vulnerability in Aruba's Utility Daemon,"The vulnerability in Aruba Networks' Utility daemon is characterized as a buffer overflow flaw that exposes the system to unauthenticated remote code execution. By sending specially crafted packets to the PAPI UDP port (8211), an attacker may exploit this weakness to execute arbitrary code with elevated privileges on the underlying operating system. This vulnerability poses significant risks to network integrity and confidentiality, necessitating immediate attention from users of affected products.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,9.8,CRITICAL,0.0004299999854993075,false,false,false,false,,false,false,2024-05-01T14:52:41.916Z,0 CVE-2024-26304,https://securityvulnerability.io/vulnerability/CVE-2024-26304,Buffer Overflow Vulnerability in PAPI Could Lead to Remote Code Execution,"A buffer overflow vulnerability exists within the L2/L3 Management service of Aruba Networks, which could permit unauthenticated remote code execution. By sending specially crafted packets to the PAPI (Public Access Point Interface) UDP port 8211, an attacker can exploit this vulnerability to execute arbitrary code with elevated privileges on the underlying operating system. This issue highlights the importance of securing access point management protocols to prevent unauthorized access and potential system compromise.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,9.8,CRITICAL,0.0004299999854993075,false,false,false,true,true,false,false,2024-05-01T14:43:12.761Z,0 CVE-2023-35977,https://securityvulnerability.io/vulnerability/CVE-2023-35977,Authenticated Sensitive Information Disclosure in ArubaOS Command Line Interface,Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.,HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,6.5,MEDIUM,0.000590000010561198,false,false,false,false,,false,false,2023-07-05T15:15:00.000Z,0 CVE-2023-35979,https://securityvulnerability.io/vulnerability/CVE-2023-35979,Unauthenticated Buffer Overflow Vulnerability in ArubaOS Web-Based Management Interface,There is an unauthenticated buffer overflow vulnerability in the process controlling the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in a Denial-of-Service (DoS) condition affecting the web-based management interface of the controller.,HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,5.3,MEDIUM,0.0008699999889358878,false,false,false,false,,false,false,2023-07-05T15:15:00.000Z,0 CVE-2023-35976,https://securityvulnerability.io/vulnerability/CVE-2023-35976,Authenticated Sensitive Information Disclosure in ArubaOS Command Line Interface,Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.,HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,6.5,MEDIUM,0.000590000010561198,false,false,false,false,,false,false,2023-07-05T15:15:00.000Z,0 CVE-2023-35978,https://securityvulnerability.io/vulnerability/CVE-2023-35978,Reflected Cross-Site Scripting (XSS) in ArubaOS Web-based Management Interface,A vulnerability in ArubaOS could allow an unauthenticated remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.,HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,6.1,MEDIUM,0.0007399999885819852,false,false,false,false,,false,false,2023-07-05T15:15:00.000Z,0 CVE-2023-35971,https://securityvulnerability.io/vulnerability/CVE-2023-35971,Unauthenticated Stored Cross-Site Scripting (XSS) in ArubaOS Web-based Management Interface,"A vulnerability exists in the web-based management interface of ArubaOS, which may allow an unauthenticated remote attacker to perform a stored cross-site scripting attack. If successfully exploited, this vulnerability can enable the execution of arbitrary script code in a victim's browser. This poses significant risks to the integrity and confidentiality of sensitive information accessed through the interface.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,8.8,HIGH,0.0010000000474974513,false,false,false,false,,false,false,2023-07-05T15:15:00.000Z,0 CVE-2023-35974,https://securityvulnerability.io/vulnerability/CVE-2023-35974,Authenticated Remote Command Execution in the ArubaOS Command Line Interface,"ArubaOS contains authenticated command injection vulnerabilities within its command line interface. These vulnerabilities allow an attacker with valid credentials to execute arbitrary commands with privileged access on the underlying operating system. This could lead to unauthorized data access, system compromise, and various security breaches. It is crucial for organizations using affected versions of ArubaOS to apply security updates to mitigate potential exploitation risks.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,7.2,HIGH,0.0008200000156648457,false,false,false,false,,false,false,2023-07-05T15:15:00.000Z,0 CVE-2023-35973,https://securityvulnerability.io/vulnerability/CVE-2023-35973,Authenticated Remote Command Execution in the ArubaOS Command Line Interface,"ArubaOS, developed by Aruba Networks, is susceptible to authenticated command injection vulnerabilities within its command line interface. This security flaw allows an attacker with valid credentials to exploit the system, potentially granting them the ability to execute arbitrary commands as a privileged user. The ability to inject commands poses significant risks, including unauthorized access and manipulation of the underlying operating system, highlighting the urgency for users to apply security patches and mitigate potential threats.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,7.2,HIGH,0.0008200000156648457,false,false,false,false,,false,false,2023-07-05T15:15:00.000Z,0 CVE-2023-35972,https://securityvulnerability.io/vulnerability/CVE-2023-35972,Authenticated Remote Command Execution in ArubaOS Web-based Management Interface,"An authenticated remote command injection flaw exists in the web-based management interface of ArubaOS. This vulnerability allows attackers with appropriate access to execute arbitrary commands as a privileged user on the underlying operating system. By exploiting this weakness, malicious actors can gain full control over the affected system, posing significant risks to device integrity and network security.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,7.2,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2023-07-05T15:15:00.000Z,0 CVE-2023-35975,https://securityvulnerability.io/vulnerability/CVE-2023-35975,Authenticated Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Deletion,An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system.,HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; Wlan Gateways And Sd-wan Gateways Managed By Aruba Central,6.5,MEDIUM,0.0007800000021234155,false,false,false,false,,false,false,2023-07-05T15:15:00.000Z,0 CVE-2023-22778,https://securityvulnerability.io/vulnerability/CVE-2023-22778,Authenticated Stored Cross-Site Scripting,"A vulnerability in the ArubaOS web management interface could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central,4.8,MEDIUM,0.0006600000197067857,false,false,false,false,,false,false,2023-03-01T08:15:00.000Z,0 CVE-2023-22776,https://securityvulnerability.io/vulnerability/CVE-2023-22776,Authenticated Remote Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Read,"An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central,4.9,MEDIUM,0.0006500000017695129,false,false,false,false,,false,false,2023-03-01T08:15:00.000Z,0 CVE-2023-22751,https://securityvulnerability.io/vulnerability/CVE-2023-22751,Unauthenticated Stack-Based Buffer Overflow Vulnerabilities in the PAPI Protocol,"This vulnerability involves a stack-based buffer overflow in the Aruba Networks access point management protocol (PAPI) that could be exploited by sending specially crafted packets to the UDP port 8211. An attacker could leverage this vulnerability to execute arbitrary code on the affected devices with elevated privileges, thereby compromising the security of the underlying operating system. Remediation should be sought promptly given the implications of remote code execution.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central,9.8,CRITICAL,0.0037700000684708357,false,false,false,false,,false,false,2023-03-01T08:15:00.000Z,0 CVE-2023-22774,https://securityvulnerability.io/vulnerability/CVE-2023-22774,Authenticated Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Deletion.,"Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system. ",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central,6.5,MEDIUM,0.0007999999797903001,false,false,false,false,,false,false,2023-03-01T08:15:00.000Z,0 CVE-2023-22758,https://securityvulnerability.io/vulnerability/CVE-2023-22758,Authenticated Remote Command Execution in ArubaOS Web-based Management Interface,"ArubaOS contains authenticated remote command injection vulnerabilities within its web-based management interface. An attacker exploiting these flaws can execute arbitrary commands as a privileged user on the device's operating system, potentially leading to a complete compromise of the system. Organizations using ArubaOS should implement the necessary updates and security measures to mitigate the risk associated with these vulnerabilities.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central,7.2,HIGH,0.0010999999940395355,false,false,false,false,,false,false,2023-03-01T08:15:00.000Z,0 CVE-2023-22756,https://securityvulnerability.io/vulnerability/CVE-2023-22756,Unauthenticated Buffer Overflow Vulnerabilities in ArubaOS Processes,"Multiple buffer overflow vulnerabilities exist within various operating system processes in Aruba Networks products. These vulnerabilities can be exploited by sending specially crafted packets through the PAPI protocol, potentially leading to unauthenticated remote code execution. If successfully exploited, an attacker could execute arbitrary code with elevated privileges on the affected operating systems, compromising system integrity and security.",HP,Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central,9.8,CRITICAL,0.0037700000684708357,false,false,false,false,,false,false,2023-03-01T08:15:00.000Z,0