CVE-2024-33511
In short
A buffer overflow flaw in Aruba's Automatic Reporting service allows attackers to send specially crafted packets to UDP port 8211 and execute arbitrary code on the system without needing to log in, potentially compromising the entire device.
Technical detail
A stack-based buffer overflow exists in the Automatic Reporting service and is reachable through the PAPI (Aruba's access point management protocol) UDP listener on port 8211. It is exploitable by a remote attacker who sends crafted packets without authenticating. Successful exploitation grants arbitrary code execution with elevated privileges on the underlying OS, bypassing all access controls.
Summary generated and translated by AI from the official description.
There is a buffer overflow vulnerability in the underlying Automatic Reporting service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H