CVE-2023-22786
Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol
In short
A buffer overflow vulnerability in Aruba access points allows attackers to send specially crafted network packets to port 8211 without authentication, potentially gaining the ability to run malicious code with high privileges on the device.
Technical detail
Multiple buffer overflow vulnerabilities exist in services accessible via the PAPI protocol (UDP port 8211) on Aruba access points. An unauthenticated remote attacker can exploit these by sending malformed packets, leading to arbitrary code execution with elevated privileges on the underlying operating system.
Summary generated and translated by AI from the official description.
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Hewlett Packard Enterprise (HPE) · Aruba Access Points running InstantOS and ArubaOS 10Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →