CVE-2024-42507
CVSS 3.1 Score 9.8 of 10 (high)
Details
Published Sep 25, 2024
Updated: Sep 26, 2024
CWE ID 77
Summary
CVE-2024-42507 is a critical vulnerability affecting the CLI service of Aruba Access Points. The vulnerability allows unauthenticated attackers to inject commands via specially crafted packets to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Exploitation of these vulnerabilities can result in remote code execution with privileged user access to the underlying operating system. This poses a significant risk to network security and should be addressed promptly by applying the necessary patches.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- ArubaOS
Affected Vendors
- Aruba Networks