CVE-2024-47460
published 2024-11-05

Priority: P2 69, critical, 9 (CVSS 3.1)
Vector: AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS: 1.40% (69.1th percentile)

Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.

Detection & IOCs (extracted from sources)

Port: UDP/8211
  • Monitor for unexpected or malformed UDP packets destined to port 8211 (PAPI protocol), which may indicate exploitation attempts targeting CVE-2024-47460.
  • Alert on unauthenticated command injection attempts via the CLI service of Aruba Access Points, particularly traffic arriving over PAPI UDP port 8211 that results in privileged process execution.
  • Both CVE-2024-42509 and CVE-2024-47460 affect Aruba Networking Access Points running Instant AOS-8 and AOS-10 software; HPE has released updates for both software lines.