- Description
- Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
- Source
- security-alert@hpe.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-77
- Hype score
- Not currently trending
Actively exploited CVE : CVE-2024-42509
@transilienceai
23 Nov 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
For @HPE Aruba APs on Instant AOS-8 & AOS-10; CVE-2024-42509 and CVE-2024-47460 in the most recent security advisory are rated 9.8 and 9.0 respectively. 4 other CVEs in the same advisory with RCE and Unauthenticated Command Injection in the CLI via PAPI. https://t.co/MCIw2W7
@Sujeet
21 Nov 2024
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-42509
@transilienceai
20 Nov 2024
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
HPE Aruba の脆弱性 CVE-2024-42509 (CVSS 9.8) などが FIX:ただちにアップデートを! https://t.co/V7yOO4pTN2 #HPEAruba #RCE #Vulnerability
@iototsecnews
18 Nov 2024
157 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
HPE update software Instant AOS-8 และ AOS-10 เพื่อแก้ไขช่องโหว่CVE-2024-42509 และ CVE-2024-47460 เพื่อป้องกันการโจมตี Remote Code Execution (RCE) ที่จะถูกเข้าถึงได้ผ่านโปรโตคอล PAPI ทางเราแนะนำให้ผู้ใช้ AP ของ HPE update version หากสนใจ Aruba ติดต่อเราได้นะคะ #comnet #aruba htt
@Comnet_TH
13 Nov 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
HPE社がAruba無線LANアクセスポイントで複数の重大(Critical)な脆弱性を修正。CVE-2024-42509とCVE-2024-47460はUDP 8211で起動している管理CLIサービスPAPIにおける未認証でのコマンドインジェクション。 https://t.co/kRoE9t4NSJ
@__kokumoto
12 Nov 2024
1932 Impressions
9 Retweets
25 Likes
4 Bookmarks
1 Reply
1 Quote
HPE warns of critical RCE flaws in Aruba Networking access points: https://t.co/Na8ANnNbeT Hewlett Packard Enterprise (HPE) issued updates for critical vulnerabilities in Aruba Networking Access Points, tracked as CVE-2024-42509 (9.8 severity) and CVE-2024-47460 (9.0 severity),…
@securityRSS
12 Nov 2024
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Command Injection Flaws found in Aruba Networking Access Points! Remote code execution is possible—CVE-2024-42509 & CVE-2024-47460 threaten your network’s security. Don't wait for an attack! https://t.co/JMgDy84Vky
@isectech_
11 Nov 2024
62 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Command Injection Flaws found in Aruba Networking Access Points! Remote code execution is possible—CVE-2024-42509 & CVE-2024-47460 threaten your network’s security. Don't wait for an attack! Read more: https://t.co/jF3vRnso6o 👉 Patch your devices NOW.
@TheHackersNews
11 Nov 2024
10071 Impressions
12 Retweets
30 Likes
3 Bookmarks
0 Replies
3 Quotes
🚨🚨CVE-2024-42509 (CVSS: 9.8) : Critical Vulnerability Discovered in Progress LoadMaster ⚠️Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access…
@zoomeye_team
8 Nov 2024
363 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical Vulnerability Alert 🚨 Aruba Access Points are facing a severe threat with CVE-2024-42509. Don’t let your network fall prey to attackers—get protected with Infoshare systems expert solutions. https://t.co/Su7MKxJhSP
@Infosharenew
8 Nov 2024
25 Impressions
1 Retweet
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Critical Vulnerability Alert Aruba Access Points are facing a severe threat with CVE-2024-42509. Don’t let your network fall prey to attackers—get protected with Varutra's expert solutions. https://t.co/bqGiA0KKi5
@varutra
8 Nov 2024
41 Impressions
1 Retweet
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Security Bulletin: HPE Aruba Remote Code Execution Vulnerabilities - CVE-2024-47460 and CVE-2024-42509 are critical command injection vulnerabilities in the underlying CLI service of Aruba's Access Point management protocol (PAPI). #ThreatIntel #CTI https://t.co/a6d01tgdAn
@RedLegg
7 Nov 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-42509: RCE in Aruba, 9.8 rating 🔥 The vulnerability allows an attacker to perform RCE by sending specially crafted packets. Search at https://t.co/hv7QKSr5Jp: 👉 Link: https://t.co/kWZza91jRw #cybersecurity #vulnerability_map #aruba https://t.co/pADtMlNb5v https://t.
@Netlas_io
7 Nov 2024
838 Impressions
3 Retweets
15 Likes
6 Bookmarks
0 Replies
0 Quotes
🚨 Critical Vulnerabilities Alert! 🚨 Cisco URWB and HPE Aruba Access Points are affected by CVE-2024-20418 and CVE-2024-42509, risking unauthorized access. Our insights can help you discover mitigation steps. 👉 https://t.co/eU7ZD9Pw0r #CyberSecurity #Cisco #HPE… https://t.co/p
@socradar
7 Nov 2024
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-42509 (CVSS 9.8): Critical Vulnerability Exposes Aruba Access Points to Attack - HPE Aruba Networking warns of multiple critical flaws in Access Points running AOS-8 & AOS-10, risking remote code execution (RCE). - **CVE-2024-42509** is a severe unauthenticated…
@Ransom_DB
7 Nov 2024
114 Impressions
1 Retweet
2 Likes
1 Bookmark
0 Replies
0 Quotes
We have just added an important vulnerability affecting HPE Aruba Networking Access Point and other products (CVE-2024-42509) https://t.co/7EMw8yMCNv
@vuldb
6 Nov 2024
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-42509 Unauthenticated Remote Code Execution via CLI Injection i... https://t.co/aRfri8GL51 Don't wait vulnerability scanning results: https://t.co/oh1APvMMnd
@VulmonFeeds
6 Nov 2024
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-42509 and CVE-2024-47460 : CRITICAL Remote Code Execution vulnerabilities in HPE Aruba Access Points. #PatchNOW #Vulnerability #cybersecurity #ComputerSecurity #hacked #Cyberattack #infosec #informationsecurity #CyberSecurityAwareness #DataBreach https://t.co/UE2mIYuk2k
@patchnow24x7
6 Nov 2024
39 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
CVE-2024-42509 and CVE-2024-47460 : CRITICAL Remote Code Execution vulnerabilities in HPE Aruba Access Points. #PatchNOW Technical Details and Analysis: https://t.co/wOUkk79Q5z #cybersecurity #ComputerSecurity #hacked #Cyberattack #infosec #informationsecurity #DataBreach https
@patchnow24x7
6 Nov 2024
243 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
2 Quotes
[CVE-2024-42509: CRITICAL] A Command injection vulnerability in Aruba's Access Point management protocol can allow unauthenticated remote code execution via specially crafted packets to the UDP port.#cybersecurity,#vulnerability https://t.co/szFq4qlh8h https://t.co/8Gh4Tl01i4
@CveFindCom
5 Nov 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes