Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
References
Configurations
No configuration.
History
26 Sep 2024, 13:32
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
25 Sep 2024, 01:36
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-77 |
25 Sep 2024, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-25 01:15
Updated : 2024-09-26 13:32
NVD link : CVE-2024-42506
Mitre link : CVE-2024-42506
CVE.ORG link : CVE-2024-42506
JSON object : View
Products Affected
No product.
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')