- Description
- Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Successful exploitation of these vulnerabilities result in the ability of an attacker to execute arbitrary commands as a privileged user on the underlying operating system. Exploitation requires administrative authentication credentials on the host system.
- Source
- security-alert@hpe.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-77
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
HPE Aruba Networking 501 Wireless Client Bridge Authenticated Remote Command Injections (CVE-2024-54006 & CVE-2024-54007) https://t.co/VJNdRakQ6R
@TMJIntel
9 Jan 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-54006 & CVE-2024-54007: Command Injection Flaws in HPE Aruba Devices, PoC Publicly Available https://t.co/PbNIzbr4zb
@Dinosn
9 Jan 2025
3241 Impressions
18 Retweets
43 Likes
12 Bookmarks
0 Replies
0 Quotes
CVE-2024-54007 Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client Bridge which could lead to authenticated remote command execution. Su… https://t.co/rL80R6R6vX
@CVEnew
8 Jan 2025
192 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes