Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-26304 PoC — Aruba Networks ArubaOS 安全漏洞

Source
https://github.com/X-Projetion/CVE-2024-26304-RCE-exploit
Associated Vulnerability
Title:Aruba Networks ArubaOS 安全漏洞 (CVE-2024-26304)
Description:There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
Description
CVE-2024-26304 is a critical vulnerability (CVSS score of 9.8) affecting ArubaOS
Readme
# CVE-2024-26304 - Remote Code Execution Vulnerability in ArubaOS

## Overview

**CVE-2024-26304** is a critical remote code execution (RCE) vulnerability affecting **ArubaOS** due to a buffer overflow in its L2/L3 Management service. An attacker can exploit this by sending specially crafted packets to the **PAPI** (Process Application Programming Interface) UDP port **8211**, resulting in the execution of arbitrary code with elevated privileges.

### CVSS Score: 9.8 (Critical)
- **Attack Vector**: Network
- **Attack Complexity**: Low
- **Privileges Required**: None
- **User Interaction**: None
- **Confidentiality Impact**: High
- **Integrity Impact**: High
- **Availability Impact**: High

## Affected Products

- ArubaOS systems with vulnerable versions
- Systems using the **PAPI UDP port 8211**

Refer to [Aruba's official advisory](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt) for details on affected versions.

## Exploitation

An unauthenticated remote attacker can exploit this vulnerability by sending malicious packets to the PAPI UDP port. Successful exploitation results in arbitrary code execution, enabling the attacker to take complete control over the device.

### Proof-of-Concept (PoC)

A proof-of-concept exploit is available for this vulnerability. The exploit script `CVE-2024-26304.py` demonstrates how an attacker can leverage the vulnerability to execute code on the target system.

## How to Use the Exploit Tool

The tool `CVE-2024-26304.py` is a proof-of-concept exploit script designed to demonstrate this vulnerability. Here’s how to run it:

### Prerequisites

- Python 3.x
- Required Python libraries (if any, listed in `requirements.txt`)

## Parameters
- target: The IP address of the vulnerable ArubaOS device.
- port: (Optional) The PAPI UDP port (default: 8211).

### Usage

1. Clone the repository:
   ```bash
   git clone https://github.com/your-repo/CVE-2024-26304
   cd CVE-2024-26304
   pip install -r requirements.txt
   python CVE-2024-26304.py --target <target_ip> --port 8211

## Disclaimer
This tool is intended for educational purposes and penetration testing within environments where you have explicit permission. Misuse of this tool can result in criminal charges or fines. The authors are not responsible for any misuse.
File Snapshot

 [4.0K]  /data/pocs/51d8ec7a4bfe4de64d3081fefa5415c1335397cd
├── [6.1K]  CVE-2024-26304.py
├── [2.2K]  README.md
└── [  37]  requirements.txt

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →