CVE-2024-42393 Unauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the Soft AP Daemon Service Accessed by the PAPI Protocol

🗓️ 06 Aug 2024 18:58:52Reported by hpeType

Unauthenticated RCE in Soft AP Daemon Service via PAPI Protoco

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2024-42393	6 Aug 202421:43	–	circl
CNNVD	Aruba Networks Access Points 安全漏洞	6 Aug 202400:00	–	cnnvd
CVE	CVE-2024-42393	6 Aug 202418:58	–	cve
EUVD	EUVD-2024-39597	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Aruba Networks ArubaOS and InstantOS	7 Aug 202409:04	–	ncsc
NVD	CVE-2024-42393	6 Aug 202419:15	–	nvd
OpenVAS	Cesanta Mongoose Web Server <= 7.14 Multiple Vulnerabilities	4 Dec 202400:00	–	openvas
Vulnrichment	CVE-2024-42393 Unauthenticated Stack-Based Buffer Overflow Remote Command Execution (RCE) in the Soft AP Daemon Service Accessed by the PAPI Protocol	6 Aug 202418:58	–	vulnrichment

[
  {
    "defaultStatus": "affected",
    "product": "Hpe Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "versions": [
      {
        "lessThanOrEqual": "<=8.12.0.1",
        "status": "affected",
        "version": "Version 8.12.0.0: 8.12.0.1 and below",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "<=8.10.0.12",
        "status": "affected",
        "version": "Version 8.10.0.0: 8.10.0.12 and below",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
support	www.support.hpe.com/hpesc/public/docDisplay

06 Aug 2024 19:44Current

CVSS 3.19.8

EPSS0.00473