CVE-2024-26305

CVSS 9.8 CRITICAL | EPSS 15.2% | CWE-121

In short

A buffer overflow flaw in the Utility daemon reachable through Aruba's access point management protocol (PAPI) allows attackers to send malicious packets to a network port and take complete control of the device by running code of their choice with elevated privileges. No login credentials are needed.

Technical detail

Buffer overflow in the Utility daemon's PAPI UDP service (port 8211) permits unauthenticated remote code execution. The vulnerability is triggered via specially crafted packets that overflow memory buffers, enabling arbitrary code execution with elevated privileges on the underlying OS.

Summary generated and translated by AI from the official description.

There is a buffer overflow vulnerability in the underlying Utility daemon that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
