CVE-2024-42393

🗓️ 06 Aug 2024 18:58:52Reported by hpeType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 44 Views

Vulnerability in Soft AP Daemon Service allows unauthenticated RCE attac

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2024-42393	6 Aug 202421:43	–	circl
CNNVD	Aruba Networks Access Points 安全漏洞	6 Aug 202400:00	–	cnnvd
Cvelist	CVE-2024-42393 Unauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the Soft AP Daemon Service Accessed by the PAPI Protocol	6 Aug 202418:58	–	cvelist
EUVD	EUVD-2024-39597	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Aruba Networks ArubaOS and InstantOS	7 Aug 202409:04	–	ncsc
NVD	CVE-2024-42393	6 Aug 202419:15	–	nvd
OpenVAS	Cesanta Mongoose Web Server <= 7.14 Multiple Vulnerabilities	4 Dec 202400:00	–	openvas
Vulnrichment	CVE-2024-42393 Unauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the Soft AP Daemon Service Accessed by the PAPI Protocol	6 Aug 202418:58	–	vulnrichment

NVD

Node

arubanetworks arubaosRange10.3.0.0–10.4.1.4

arubanetworks arubaosRange10.5.0.0–10.6.0.1

hp instantosRange6.4.0.0–8.10.0.13

hp instantosRange8.12.0.0–8.12.0.2

[
  {
    "defaultStatus": "affected",
    "product": "Hpe Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "versions": [
      {
        "lessThanOrEqual": "<=8.12.0.1",
        "status": "affected",
        "version": "Version 8.12.0.0: 8.12.0.1 and below",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "<=8.10.0.12",
        "status": "affected",
        "version": "Version 8.10.0.0: 8.10.0.12 and below",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
support	www.support.hpe.com/hpesc/public/docDisplay

12 Aug 2024 18:22Current

8High risk

Vulners AI Score8

CVSS 3.19.8

EPSS0.00473

SSVC