vulnerability

Aruba AOS-8: CVE-2024-42501: Authenticated Path Traversal Vulnerability Leads to a Remote Command Execution (RCE)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:M/C:C/I:C/A:C)	2024-09-17	2025-01-14	2025-04-03

Severity

CVSS

(AV:N/AC:L/Au:M/C:C/I:C/A:C)

Published

2024-09-17

Added

2025-01-14

Modified

2025-04-03

Description

An authenticated Path Traversal vulnerabilities exists in the ArubaOS. Successful exploitation of this vulnerability allows an attacker to install unsigned packages on the underlying operating system, enabling the threat actor to execute arbitrary code or install implants.

Solution

aruba-aos-8-cve-2024-42501

References

CVE-2024-42501
https://attackerkb.com/topics/CVE-2024-42501
URL-https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04709.json

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today