papi bug fix and enhancement update

An update is available for papi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.4...

The vulnerability of the CLI interface of HPE Aruba Networking Access Point software allows a perpetrator to execute arbitrary code.

The vulnerability of the CLI interface of HPE Aruba Networking Access Point software relates to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted packets to the UDP port...

CVE-2024-33511

There is a buffer overflow vulnerability in the underlying Automatic Reporting service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of this...

CVE-2024-33512

There is a buffer overflow vulnerability in the underlying Local User Authentication Database service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation ...

CVE-2024-42506

Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these vulnerabilities results in the...

CVE-2024-42507

Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these vulnerabilities results in the...

CVE-2024-42505

Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these vulnerabilities results in the...

CVE-2024-31470

There is a buffer overflow vulnerability in the underlying SAE Simultaneous Authentication of Equals service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful...

CVE-2024-31467

There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these vulnerabilities resul...

CVE-2024-31468

There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these...

CVE-2024-31466

There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these vulnerabilities resul...

CVE-2024-26305

There is a buffer overflow vulnerability in the underlying Utility daemon that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of this vulnerability result...

CVE-2024-42509

Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of this vulnerability results in the ability ...

CVE-2024-47460 Unauthenticated Command Injection Vulnerability in the CLI Service Accessed by the PAPI Protocol

Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of this vulnerability results in the ability ...

CVE-2024-47460

CVE-2024-47460 is an unauthenticated command-injection vulnerability in ArubaOS/Aruba Instant CLI service (PAPI) exposed via UDP port 8211. Exploitation can lead to remote code execution with system-privileged rights. Public references indicate the flaw affects ArubaOS/Instant AOS-8 and AOS-10 de...

CVE-2024-42509 Unauthenticated Command Injection Vulnerability in the CLI Service Accessed by the PAPI Protocol

Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of this vulnerability results in the ability ...

CVE-2024-42509 Unauthenticated Command Injection Vulnerability in the CLI Service Accessed by the PAPI Protocol

Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of this vulnerability results in the ability ...

CVE-2024-42509

ArubaOS/vulnerable Aruba Access Point line affected by CVE-2024-42509, a command-injection in the CLI service that enables unauthenticated remote code execution via PAPI UDP port 8211. Public reports consistently describe this as a high-severity, remote attacker–controlled code execution risk on ...

CVE-2024-42506

Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these vulnerabilities results in the...

CVE-2024-42507

CVE-2024-42507 describes unauthenticated remote code execution in ArubaOS/Aruba AP management via the PAPI protocol. The underlying issue is command injection in the CLI service, exploitable by sending specially crafted packets to UDP port 8211, allowing an attacker to execute arbitrary code with...