Lucene search
K

91 matches found

Vulnrichment
Vulnrichment
added 2024/05/14 10:34 p.m.11 views

CVE-2024-31480

Unauthenticated Denial of Service DoS vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service...

5.3CVSS6.7AI score0.0057EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/14 10:34 p.m.21 views

CVE-2024-31480

Unauthenticated Denial of Service DoS vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service...

5.3CVSS5.8AI score0.0057EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/14 10:29 p.m.16 views

CVE-2024-31474

There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI Aruba's Access Point management protocol. Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to...

8.2CVSS6.6AI score0.00448EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/14 10:29 p.m.23 views

CVE-2024-31474

There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI Aruba's Access Point management protocol. Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to...

8.2CVSS8.4AI score0.00448EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 10:8 p.m.38 views

CVE-2024-31467

ArubaOS/InstantOS vulnerabilities exist in the PAPI CLI service via unauthenticated buffer overflow on UDP port 8211, enabling remote code execution with privileges on the underlying OS. Attack requires sending specially crafted packets to the PAPI UDP port; exploitation status is not consistentl...

9.8CVSS8.5AI score0.01138EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2024/05/14 10:8 p.m.17 views

CVE-2024-31467 Unauthenticated Buffer Overflow Vulnerabilities in CLI Service Accessed by the PAPI Protocol

There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these vulnerabilities resul...

9.8CVSS10AI score0.01138EPSS
Exploits0References1
CVE
CVE
added 2024/05/14 10:4 p.m.45 views

CVE-2024-31466

CVE-2024-31466 describes unauthenticated buffer-overflow vulnerabilities in the PAPI CLI service used by ArubaOS/InstantOS, exploitable by sending specially crafted UDP packets to port 8211. Successful exploitation could execute arbitrary code with OS privileges. Affected products include ArubaOS...

9.8CVSS8.5AI score0.01138EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2024/05/14 12:0 a.m.6 views

PT-2024-24106 · Aruba · Aruba Access Point

Name of the Vulnerable Software and Affected Versions: Aruba Access Point affected versions not specified Description: The issue concerns an arbitrary file deletion vulnerability in the CLI service accessed by PAPI, which is Aruba's Access Point management protocol. Successful exploitation of thi...

8.2CVSS6.3AI score0.00448EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.3 views

Aruba Networks ArubaOS 和 InstantOS 安全漏洞

Aruba Networks ArubaOS and Aruba Networks InstantOS are both products of Aruba Networks, Inc.Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches. Aruba Networks InstantOS is an Arch Linux-based distribution...

9.8CVSS7.3AI score0.01138EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/05/14 12:0 a.m.5 views

PT-2024-24098 · Aruba · Aruba Access Point

Name of the Vulnerable Software and Affected Versions: Aruba Access Point versions affected versions not specified Description: The issue concerns buffer overflow vulnerabilities in the underlying CLI service. These vulnerabilities could lead to unauthenticated remote code execution by sending...

9.8CVSS8.3AI score0.01138EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/05/14 12:0 a.m.5 views

PT-2024-24097 · Aruba · Aruba Access Point

Name of the Vulnerable Software and Affected Versions: Aruba Access Point affected versions not specified Description: The issue is related to buffer overflow vulnerabilities in the underlying CLI service. These vulnerabilities could lead to unauthenticated remote code execution by sending...

9.8CVSS8.2AI score0.01138EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.4 views

Aruba Networks ArubaOS 和 InstantOS 安全漏洞

Aruba Networks ArubaOS and Aruba Networks InstantOS are both products of Aruba Networks, Inc.Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches. Aruba Networks InstantOS is an Arch Linux-based distribution...

7.5CVSS6.7AI score0.0057EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.5 views

Aruba Networks ArubaOS 和 InstantOS 安全漏洞

Aruba Networks ArubaOS and Aruba Networks InstantOS are both products of Aruba Networks, Inc.Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches. Aruba Networks InstantOS is an Arch Linux-based distribution...

6.5CVSS6.2AI score0.00413EPSS
Exploits0References5
NVD
NVD
added 2024/05/03 3:15 a.m.25 views

CVE-2023-44415

D-Link Multiple Routers cli Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1260 and DIR-2150 routers. Authentication is required to exploit this vulnerability. The specif...

8CVSS7.2AI score0.00997EPSS
Exploits0References1
NVD
NVD
added 2024/05/03 2:15 a.m.32 views

CVE-2023-35724

D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specif...

8.8CVSS9AI score0.00865EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2024/05/03 2:15 a.m.3 views

CVE-2023-35724

D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specif...

8.8CVSS5.6AI score0.00865EPSS
Exploits0References3
NVD
NVD
added 2024/05/03 2:15 a.m.25 views

CVE-2023-34284

NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...

6.3CVSS6.5AI score0.00447EPSS
Exploits0References2
OSV
OSV
added 2024/05/03 2:15 a.m.3 views

CVE-2023-34284

NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...

6.3CVSS5.8AI score0.00447EPSS
Exploits0References2
CVE
CVE
added 2024/05/03 1:57 a.m.48 views

CVE-2023-34284

CVE-2023-34284 affects NETGEAR RAX30 routers. The vulnerability is caused by a hard-coded user account in the system configuration that can be used to access the CLI service as a low-privileged user, allowing network-adjacent attackers to bypass authentication without any user interaction. The is...

6.3CVSS6.5AI score0.00447EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/05/03 1:57 a.m.29 views

CVE-2023-34284 NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability

NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...

6.3CVSS6.7AI score0.00447EPSS
Exploits0References2
Rows per page
Query Builder