CVE-2024-42506
published 2024-09-25


Priority: P2 (72) · Severity: critical · CVSS 3.1 base score: 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.43% (69.7th percentile)
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system.

Affected (4 ranges)

Vendor                       Product    Version range (inclusive)
hewlett_packard_enterprise   aruba_os   10.0.0.0 through 10.4.1.13 (<= 10.4.1.13)
hewlett_packard_enterprise   aruba_os   10.5.0.0 through 10.6.0.2 (<= 10.6.0.2)
hewlett_packard_enterprise   aruba_os   6.4.0.0 through 8.10.0.13 (<= 8.10.0.13)
hewlett_packard_enterprise   aruba_os   8.11.0.0 through 8.12.0.1 (<= 8.12.0.1)
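
An added example (not code from this page, HPE or Aruba) that turns the four ranges above into a version check an inventory script can run against the firmware string each AP reports. The range bounds are the ones listed in the table; the comparison logic, the helper names and the sample inventory are constructed here. A version outside every listed range is reported as "outside listed ranges", which only means the page's table does not cover it, not that the build is confirmed fixed.

```python
# Added example (not from the CVE page, HPE or Aruba): version-range check for
# CVE-2024-42506. The (start, last_affected) bounds are copied from the
# Affected table; the comparison logic, helper names and sample inventory are
# constructed for this example.

from typing import Optional, Tuple

# Inclusive ranges as listed on the page: branch start .. last affected build.
AFFECTED_RANGES = [
    ("10.0.0.0", "10.4.1.13"),
    ("10.5.0.0", "10.6.0.2"),
    ("6.4.0.0", "8.10.0.13"),
    ("8.11.0.0", "8.12.0.1"),
]


def parse_version(text: str) -> Tuple[int, ...]:
    """Parse '8.10.0.13' into (8, 10, 0, 13) so tuples compare numerically.

    Short strings are right-padded with zeros ('8.10' -> (8, 10, 0, 0));
    anything that is not 1..4 non-negative integers is rejected rather than
    silently compared as a string (where '8.9' would sort after '8.10').
    """
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected AOS version format: {text!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (4 - len(nums))


def affected_range(version: str) -> Optional[Tuple[str, str]]:
    """Return the listed (start, last_affected) range covering `version`,
    or None when the version sits outside every listed range."""
    v = parse_version(version)
    for start, last in AFFECTED_RANGES:
        if parse_version(start) <= v <= parse_version(last):
            return (start, last)
    return None


def is_affected(version: str) -> bool:
    """True if `version` is inside one of the page's affected ranges."""
    return affected_range(version) is not None


if __name__ == "__main__":
    # Constructed sample inventory: hostname -> firmware version reported by the AP.
    inventory = {
        "ap-lobby-01": "8.10.0.13",   # last affected build of the 8.10 branch
        "ap-lobby-02": "8.10.0.14",   # above the listed range
        "ap-floor3-07": "10.4.1.13",  # last affected build of the 10.4 branch
        "ap-floor3-08": "10.6.0.2",   # last affected build of the 10.6 branch
        "ap-lab-01": "8.12.0.2",      # above the listed range
    }
    for host, ver in inventory.items():
        rng = affected_range(ver)
        status = f"AFFECTED (range {rng[0]}..{rng[1]})" if rng else "outside listed ranges"
        print(f"{host:14} {ver:10} {status}")
```

The numeric tuple comparison matters because the branch boundaries here are not lexically ordered (10.4.1.13 sorts before 8.x as a string), and the gap between, for example, 8.10.0.13 and 8.11.0.0 is deliberately left unmatched rather than folded into either neighbour.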

Detection & IOCs (extracted from sources)

Port: UDP/8211
  • Alert on process creation by the CLI service on Aruba access points, in particular any child process started in a privileged user context shortly after inbound UDP/8211 traffic reaches the AP.
  • For Instant AOS-8.x devices, a missing 'cluster-security' configuration combined with UDP/8211 exposed to untrusted networks is a high-risk indicator. For AOS-10 devices, any access to UDP/8211 from an untrusted network should be treated as suspicious.
  • No public exploit code was available and no active exploitation had been reported at the time of disclosure, but the vulnerability is unauthenticated and remotely exploitable with no prerequisite beyond network reachability of UDP/8211.
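
The exposure check the second bullet describes, as an added example over constructed flow records (not code from this page or from HPE). It flags inbound UDP/8211 to an access point from outside the trusted management networks and grades each hit by AOS family and, for Instant AOS-8, by whether 'cluster-security' is enabled. The one-line flow format, the trusted subnets, the AP addresses, the inventory and the severity labels are all assumptions made for the example.

```python
# Added example (not from the CVE page or HPE): flags inbound UDP/8211 (PAPI)
# to access points from outside trusted management networks and grades each
# hit by AOS family and cluster-security state. Flow format, subnets,
# addresses, inventory and severity labels are all constructed for the example.

import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

PAPI_PORT = 8211

# Constructed: management networks from which PAPI traffic is expected.
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("10.10.0.0/16", "192.168.50.0/24")]

# Constructed asset inventory: AP address -> AOS family and, for Instant
# AOS-8, whether 'cluster-security' is enabled (not applicable on AOS-10).
AP_INVENTORY: Dict[str, dict] = {
    "10.10.5.21": {"family": "aos8", "cluster_security": False},
    "10.10.5.22": {"family": "aos8", "cluster_security": True},
    "10.10.6.31": {"family": "aos10", "cluster_security": None},
}

# Constructed flow records, one per line: "timestamp src sport dst dport proto".
SAMPLE_FLOWS = """\
2024-09-26T10:00:01Z 10.10.1.5    40001 10.10.5.21 8211 udp
2024-09-26T10:00:02Z 203.0.113.5  52000 10.10.5.21 8211 udp
2024-09-26T10:00:03Z 203.0.113.5  52001 10.10.5.22 8211 udp
2024-09-26T10:00:04Z 198.51.100.9 52002 10.10.6.31 8211 udp
2024-09-26T10:00:05Z 198.51.100.9 52003 10.10.6.31 8211 tcp
2024-09-26T10:00:06Z 203.0.113.5  52004 10.10.9.9  8211 udp
"""


@dataclass
class Finding:
    ts: str
    src: str
    dst: str
    severity: str
    reason: str


def is_trusted(src: str) -> bool:
    """True if the source address sits inside a trusted management network."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in TRUSTED_NETS)


def grade(ap: Optional[dict]) -> Tuple[str, str]:
    """Severity and reason for untrusted UDP/8211 reaching `ap` (constructed grading)."""
    if ap is None:
        return "info", "UDP/8211 to a host not in the AP inventory; confirm whether it is an unmanaged AP"
    if ap["family"] == "aos10":
        return "high", "AOS-10 AP: any UDP/8211 access from an untrusted network is suspicious"
    if not ap["cluster_security"]:
        return "critical", "Instant AOS-8 AP without cluster-security reachable on UDP/8211 from an untrusted network"
    return "low", "Instant AOS-8 AP with cluster-security; untrusted UDP/8211 still worth a look"


def detect(flow_text: str, inventory: Dict[str, dict] = AP_INVENTORY) -> List[Finding]:
    """Return one Finding per untrusted UDP/8211 flow, in log order."""
    findings: List[Finding] = []
    for line in flow_text.splitlines():
        if not line.strip():
            continue
        ts, src, _sport, dst, dport, proto = line.split()
        if proto != "udp" or int(dport) != PAPI_PORT:
            continue  # PAPI is UDP/8211; other ports and TCP are out of scope here
        if is_trusted(src):
            continue  # expected management traffic
        severity, reason = grade(inventory.get(dst))
        findings.append(Finding(ts, src, dst, severity, reason))
    return findings


if __name__ == "__main__":
    for f in detect(SAMPLE_FLOWS):
        print(f"{f.severity:8} {f.ts} {f.src} -> {f.dst}:{PAPI_PORT}/udp  {f.reason}")
```

Flow records only show exposure, not exploitation: a hit here means an untrusted host could reach the vulnerable service, which is the condition the first bullet's process-creation telemetry on the AP itself would confirm or rule out. Unknown destinations are reported at info level rather than dropped, since an unmanaged AP answering on UDP/8211 is exactly the device that tends to be missing from inventory.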