17 matches found
EUVD-2015-6200
Malware in sbrugna...
EUVD-2005-3481
Malware in sbrugna...
PT-2024-29924 · Hewlett Packard · Hpe Aruba Instant +1
Name of the Vulnerable Software and Affected Versions: HPE Aruba InstantOS/ArubaOS affected versions not specified Description: The issue concerns multiple unauthenticated Denial-of-Service DoS vulnerabilities in the AP Certificate Management daemon, which is accessed via the PAPI protocol...
CVE-2024-31468
There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these...
PT-2024-3205 · Aruba · Arubaos
Name of the Vulnerable Software and Affected Versions: ArubaOS versions prior to the fixed version Description: The issue is related to a buffer overflow vulnerability in the underlying L2/L3 Management service. This vulnerability could lead to unauthenticated remote code execution by sending...
CVE-2023-45617
There are arbitrary file deletion vulnerabilities in the CLI service accessed by PAPI Aruba's access point management protocol. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to...
Aruba Networks ArubaOS and InstantOS Security Vulnerabilities
Aruba Networks ArubaOS and Aruba Networks InstantOS are both products of Aruba Networks, Inc. Aruba Networks InstantOS is an Arch Linux-based distribution. A security vulnerability exists in Aruba Networks ArubaOS and InstantOS due to an arbitrary file deletion vulnerability in the RSSI service...
PT-2023-18692 · Aruba · Aruba Access Point
Name of the Vulnerable Software and Affected Versions: Aruba access points affected versions not specified Description: The issue is related to buffer overflow vulnerabilities in multiple underlying services. These vulnerabilities could lead to unauthenticated remote code execution by sending...
CVE-2023-22747
There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba Networks access point management protocol UDP port 8211. Successful exploitation of these vulnerabilities result in the...
Aruba Networks ArubaOS 命令注入漏洞
Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS, which stems from the discovery of multiple command injection...
Aruba Networks ArubaOS 命令注入漏洞
Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches from Aruba Networks, Inc. A security vulnerability exists in Aruba Networks ArubaOS, which stems from the discovery of multiple command injection...
Vulnerabilities fixed in ArubaOS
Hewlett Packard has fixed vulnerabilities in ArubaOS. The vulnerability with reference CVE-2020-24637 was known earlier this year become known as "Boothole" NCSC-2020-0614. This vulnerability allows a malicious person with sufficient access to the system to load a rogue kernel. The remaining...
kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS
A flaw was found in the Linux kernel’s implementation of the WiFi station handoff code. An attacker within the radio range could use this flaw to deny a valid device from joining the access point...
CVE-2019-1796
A vulnerability in the handling of Inter-Access Point Protocol IAPP messages by Cisco Wireless LAN Controller WLC Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition. The vulnerability exist because the software improperly validates input on field...
Design/Logic Flaw
Cisco Wireless LAN Controller WLC devices before 8.0.140.0, 8.1.x and 8.2.x before 8.2.121.0, and 8.3.x before 8.3.102.0 allow remote attackers to cause a denial of service device reload by sending crafted Inter-Access Point Protocol IAPP packets and then sending a traffic stream metrics TSM...
Unspecified Vulnerability in Cisco Wireless LAN Controller Internet Access Point Protocol Module
Cisco Wireless LAN Controller WLC is a wireless LAN controller product from Cisco.Internet Access Point Protocol IAPP is one of the wireless access point communication protocol modules. A security vulnerability exists in the IAPP module in Cisco WLC devices using software version 8.1 104.37. A...
Code injection
The Internet Access Point Protocol IAPP module on Cisco Wireless LAN Controller WLC devices with software 8.1104.37 allows remote attackers to trigger incorrect traffic forwarding via crafted IPv6 packets, aka Bug ID CSCuv40033...