CVE-2024-42505

Name of the Vulnerable Software and Affected Versions Aruba Access Points (affected versions not specified)

Description Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system. The issue is due to improper neutralization of special elements in commands, potentially creating a risk for enterprise networks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.