CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2024/05/01 4:13 p.m.•11 views

CVE-2024-33513

5.9CVSS6.1AI score0.0012EPSS

Cvelist•added 2024/05/01 2:57 p.m.•17 views

CVE-2024-33512

There is a buffer overflow vulnerability in the underlying Local User Authentication Database service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation ...

9.8CVSS10AI score0.22838EPSS

CVE•added 2024/05/01 2:57 p.m.•58 views

CVE-2024-33512

CVE-2024-33512 is an unauthenticated buffer overflow in ArubaOS Local User Authentication Database accessed via PAPI UDP port 8211, enabling arbitrary code execution as a privileged OS user. The issue affects ArubaOS implementations used by Mobility Conductor/Mobility Controllers/WLAN Gateways/SD...

9.8CVSS8.8AI score0.22838EPSS

Cvelist•added 2024/05/01 2:52 p.m.•12 views

CVE-2024-26305

There is a buffer overflow vulnerability in the underlying Utility daemon that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of this vulnerability result...

9.8CVSS10AI score0.07994EPSS

CVE•added 2024/05/01 2:52 p.m.•83 views

CVE-2024-26305

ArubaOS components (Mobility Conductor, Mobility Controllers, WLAN/SD-WAN Gateways) are affected by CVE-2024-26305 via a buffer overflow in the Utility daemon. An unauthenticated attacker can send crafted packets to the PAPI UDP port 8211 to achieve arbitrary code execution as a privileged OS use...

9.8CVSS8.7AI score0.07994EPSS

Positive Technologies•added 2024/05/01 12:0 a.m.•3 views

PT-2024-25289 · Aruba · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS affected versions not specified Description: An unauthenticated Denial of Service DoS issue exists in the Auth service accessed via the PAPI protocol provided by ArubaOS. Successful exploitation of this issue results in the ability to...

7.5CVSS7AI score0.00074EPSS

Exploits0References5

Positive Technologies•added 2024/05/01 12:0 a.m.•2 views

PT-2024-25290 · Unknown · Radio Frequency Manager Service

Name of the Vulnerable Software and Affected Versions: Radio Frequency Manager service affected versions not specified Description: An unauthenticated Denial-of-Service DoS vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this...

7.5CVSS6.9AI score0.00074EPSS

Exploits0References5

Positive Technologies•added 2024/05/01 12:0 a.m.•2 views

PT-2024-25286 · Unknown · Ap Management Service

Name of the Vulnerable Software and Affected Versions: AP Management service affected versions not specified Description: The issue concerns Unauthenticated Denial-of-Service DoS vulnerabilities in the AP Management service accessed via the PAPI protocol. Successful exploitation of these...

5.9CVSS7.1AI score0.0012EPSS

Tenable Nessus•added 2024/04/13 12:0 a.m.•21 views

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45620)

Unauthenticated Denial-of-Service DoS vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. This plugin only works with Tenable.ot. Please visi...

Tenable Nessus•added 2024/04/13 12:0 a.m.•51 views

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45622)

Unauthenticated Denial-of-Service DoS vulnerabilities exist in the BLE daemon service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. This plugin only works with Tenable.ot. Plea...

Tenable Nessus•added 2024/04/13 12:0 a.m.•56 views

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45624)

An unauthenticated Denial-of-Service DoS vulnerability exists in the soft ap daemon accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point. This plugin only works with Tenable.ot. Please...

Tenable Nessus•added 2024/04/13 12:0 a.m.•84 views

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45623)

Unauthenticated Denial-of-Service DoS vulnerabilities exist in the Wi-Fi Uplink service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. This plugin only works with Tenable.ot...

Tenable Nessus•added 2024/04/13 12:0 a.m.•110 views

Siemens Scalance W1750D Improper Input Validation (CVE-2023-45621)

Tenable Nessus•added 2024/03/21 12:0 a.m.•19 views

Siemens SCALANCE W1750D Improper Input Validation (CVE-2023-22787)

An unauthenticated Denial of Service DoS vulnerability exists in a service accessed via the PAPI protocol provided by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point. This plugin on...

7.5CVSS7.3AI score0.00267EPSS

Exploits0References3

Tenable Nessus•added 2024/03/21 12:0 a.m.•28 views

Siemens SCALANCE W1750D Buffer Overflow (CVE-2023-22781)

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of these vulnerabilities...

9.8CVSS9.6AI score0.00978EPSS

Exploits0References3

Tenable Nessus•added 2024/03/07 12:0 a.m.•124 views

ArubaOS < 8.10.0.10 / 8.11.2.1 / 10.4.1.0 / 10.5.1.0 Multiple Vulnerabilities (ARUBA-PSA-2024-002)

The version of ArubaOS installed on the remote host is 8.x prior to 8.10.0.10, 8.11 prior to 8.11.2.1, 10.4 prior to 10.4.1.0, or 10.5 prior to 10.5.1.0. It is, therefore, affected by multiple vulnerabilities including: - An authenticated command injection vulnerabilities exist in the ArubaOS...

9.1CVSS6.7AI score0.00133EPSS

Exploits0References8

NVD•added 2024/03/05 9:15 p.m.•9 views

CVE-2024-25615

An unauthenticated Denial-of-Service DoS vulnerability exists in the Spectrum service accessed via the PAPI protocol in ArubaOS 8.x. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service...

5.3CVSS5.6AI score0.00051EPSS

Prion•added 2024/03/05 9:15 p.m.•12 views

Denial of service

5CVSS7.2AI score0.00051EPSS