CVE-2024-26304

CVSS 9.8 CRITICAL | EPSS 44.0% | CWE-121

In short

A buffer overflow flaw in Aruba's access point management service allows attackers to send specially crafted network packets to a specific UDP port, potentially executing malicious code on the device without authentication.

Technical detail

A buffer overflow vulnerability in the L2/L3 Management service, exposed via the PAPI protocol on UDP port 8211, allows unauthenticated remote attackers to achieve arbitrary code execution with elevated privileges. Exploitation requires sending specially crafted packets that overflow memory boundaries, enabling OS-level command execution.

Summary generated and translated by AI from the official description.
There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
