Total
992 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-33516 | 2024-07-03 | N/A | 5.3 MEDIUM | ||
| An unauthenticated Denial of Service (DoS) vulnerability exists in the Auth service accessed via the PAPI protocol provided by ArubaOS. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the controller. | |||||
| CVE-2024-33515 | 2024-07-03 | N/A | 5.3 MEDIUM | ||
| Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. | |||||
| CVE-2024-33514 | 2024-07-03 | N/A | 5.3 MEDIUM | ||
| Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. | |||||
| CVE-2024-33512 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
| There is a buffer overflow vulnerability in the underlying Local User Authentication Database service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2024-33511 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
| There is a buffer overflow vulnerability in the underlying Automatic Reporting service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2024-33215 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/addressNat. | |||||
| CVE-2024-33213 | 2024-07-03 | N/A | 6.5 MEDIUM | ||
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/RouteStatic. | |||||
| CVE-2024-33211 | 2024-07-03 | N/A | 7.3 HIGH | ||
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter in ip/goform/QuickIndex. | |||||
| CVE-2024-32320 | 2024-07-03 | N/A | 5.9 MEDIUM | ||
| Tenda AC500 V2.0.1.9(1307) firmware has a stack overflow vulnerability via the timeZone parameter in the formSetTimeZone function. | |||||
| CVE-2024-32318 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
| Tenda AC500 V2.0.1.9(1307) firmware has a stack overflow vulnerability via the vlan parameter in the formSetVlanInfo function. | |||||
| CVE-2024-32315 | 2024-07-03 | N/A | 4.7 MEDIUM | ||
| Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function. | |||||
| CVE-2024-32313 | 2024-07-03 | N/A | 6.5 MEDIUM | ||
| Tenda FH1205 V2.0.0.7(775) firmware has a stack overflow vulnerability located via the adslPwd parameter of the formWanParameterSetting function. | |||||
| CVE-2024-32312 | 2024-07-03 | N/A | 5.7 MEDIUM | ||
| Tenda F1203 V2.0.1.6 firmware has a stack overflow vulnerability located in the adslPwd parameter of the formWanParameterSetting function. | |||||
| CVE-2024-32311 | 2024-07-03 | N/A | 6.5 MEDIUM | ||
| Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function. | |||||
| CVE-2024-32306 | 2024-07-03 | N/A | 5.7 MEDIUM | ||
| Tenda AC10U v1.0 Firmware v15.03.06.49 has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. | |||||
| CVE-2024-32305 | 2024-07-03 | N/A | N/A | ||
| Tenda A18 v15.03.05.05 firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. | |||||
| CVE-2024-32301 | 2024-07-03 | N/A | 9.8 CRITICAL | ||
| Tenda AC7V1.0 v15.03.06.44 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function. | |||||
| CVE-2024-32299 | 2024-07-03 | N/A | N/A | ||
| Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function. | |||||
| CVE-2024-32291 | 2024-07-03 | N/A | 7.5 HIGH | ||
| Tenda W30E v1.0 firmware v1.0.1.25(633) has a stack overflow vulnerability via the page parameter in the fromNatlimit function. | |||||
| CVE-2024-32290 | 2024-07-03 | N/A | 6.7 MEDIUM | ||
| Tenda W30E v1.0 v1.0.1.25(633) firmware has a stack overflow vulnerability via the page parameter in the fromAddressNat function. | |||||