CVE-2024-31473

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published May 14, 2024

Updated: May 15, 2024

Summary

CVE-2024-31473 is a command injection vulnerability affecting the deauthentication service of Aruba's Access Point management protocol (PAPI). By sending carefully crafted packets to the UDP port 8211, an attacker can execute arbitrary code on the underlying operating system without authentication. This vulnerability could potentially lead to serious consequences, including privilege escalation and system compromise.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/v7zmnZ
https://www.cve.org/CVERecord?id=CVE-2024-31473
https://nvd.nist.gov/vuln/detail/CVE-2024-31473

Back to Vulnerability Database

CVE-2024-31473

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations