VYPR
High severity7.5NVD Advisory· Published May 12, 2026· Updated May 15, 2026

CVE-2026-23827

CVE-2026-23827

Description

A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to achieve remote code execution. Successful exploitation could allow an unauthenticated attacker to execute arbitrary code as a privileged user on the underlying operating system, potentially leading to a system compromise. Exploitation may also result in a denial-of-service (DoS) condition affecting the impacted system process.

Affected products

2
  • cpe:2.3:a:arubanetworks:sd-wan:*:*:*:*:*:*:*:*
    Range: >=8.6.0.4-2.2.0.0,<=8.6.0.4-2.2.0.7
  • cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
    Range: >=6.5.4.0,<8.10.0.22

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.