← Back to CVEs
CVE-2023-22752
CRITICAL9.8
Description
There are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published3/1/2023
Last Modified3/11/2025
Sourcenvd
Honeypot Sightings0
Affected Products
arubanetworks:arubaosarubanetworks:sd-wan
Weaknesses (CWE)
CWE-787CWE-787
References
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt(security-alert@hpe.com)
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.