CVE-2024-31481

Unauthenticated Denial of Service DoS vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service...

CVE-2024-31478

Multiple unauthenticated Denial-of-Service DoS vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access Point...

CVE-2024-31475

There is an arbitrary file deletion vulnerability in the Central Communications service accessed by PAPI Aruba's access point management protocol. Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to...

CVE-2024-31475

CVE-2024-31475 affects ArubaOS/InstantOS with an arbitrary file deletion vulnerability in the Central Communications service accessed via PAPI. The issue allows deletion of arbitrary files on the underlying OS, impacting availability and integrity; CVSS 3.1 base score 8.2 (HIGH). Remediation (per...

CVE-2024-31474

There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI Aruba's Access Point management protocol. Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to...

CVE-2024-31473

CVE-2024-31473 describes a command-injection vulnerability in Aruba Networks’ deauthentication service exposed via the PAPI UDP port 8211, enabling unauthenticated remote code execution as a privileged OS user. Affected products include ArubaOS/InstantOS (Aruba Mobility-Defined Networks). Root ca...

CVE-2024-31473

There is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of this...

CVE-2024-31472

There are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these...

CVE-2024-31472

Summary: Aruba InstantOS/ArubaOS versions prior to 10.5.1.0 are affected by a command-injection vulnerability in the Soft AP Daemon exposed via the PAPI UDP port 8211, enabling unauthenticated remote code execution as a privileged OS user. Affected software: Aruba InstantOS/ArubaOS (pre-10.5.1.0)...

CVE-2024-31472

There are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these...

CVE-2024-31471

There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of this...

CVE-2024-31471

CVE-2024-31471 describes a command-injection vulnerability in Aruba’s Central Communications service (PAPI UDP port 8211) that can allow unauthenticated remote code execution as a privileged OS user. The PT-2024-24103 report confirms the issue relates to the Central Communications service with af...

CVE-2024-31470

There is a buffer overflow vulnerability in the underlying SAE Simultaneous Authentication of Equals service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful...

CVE-2024-31469

There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these...

CVE-2024-31468

There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these...

CVE-2024-31468

There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's Access Point management protocol UDP port 8211. Successful exploitation of these...

CVE-2024-31466

CVE-2024-31466 describes unauthenticated buffer-overflow vulnerabilities in the PAPI CLI service used by ArubaOS/InstantOS, exploitable by sending specially crafted UDP packets to port 8211. Successful exploitation could execute arbitrary code with OS privileges. Affected products include ArubaOS...

PT-2024-24106 · Aruba · Aruba Access Point

Name of the Vulnerable Software and Affected Versions: Aruba Access Point affected versions not specified Description: The issue concerns an arbitrary file deletion vulnerability in the CLI service accessed by PAPI, which is Aruba's Access Point management protocol. Successful exploitation of thi...

CVE-2024-33518

An unauthenticated Denial-of-Service DoS vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service...

CVE-2024-33516

An unauthenticated Denial of Service DoS vulnerability exists in the Auth service accessed via the PAPI protocol provided by ArubaOS. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the controller...