Critical severity9.8NVD Advisory· Published May 1, 2024· Updated Apr 15, 2026

CVE-2024-26304

Description

There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txtnvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.059
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000