← back
CVE-2023-22751

Unauthenticated Stack-Based Buffer Overflow Vulnerabilities in the PAPI Protocol

CVSS 9.8 CRITICALEPSS 1.3%CWE-787
There are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Hewlett Packard Enterprise (HPE) · Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt