VYPR

Arubaos

by Arubanetworks

CVEs (52)

  • CVE-2026-44858HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.00

    Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these…

  • CVE-2026-44857HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.00

    Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these…

  • CVE-2026-44856HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.00

    Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these…

  • CVE-2026-44855HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.00

    Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these…

  • CVE-2026-44854HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote…

  • CVE-2026-44853HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote…

  • CVE-2026-44852HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.00

    An authenticated remote code execution vulnerability exists in the AOS-8 and AOS-10 web-based management interface. A vulnerability in the certificate download functionality could allow an authenticated remote attacker to overwrite arbitrary files on the underlying operating…

  • CVE-2024-42503HigSep 17, 2024
    risk 0.47cvss 7.2epss 0.01

    Authenticated command execution vulnerability exist in the ArubaOS command line interface (CLI). Successful exploitation of this vulnerabilities result in the ability to run arbitrary commands as a priviledge user on the underlying operating system.

  • CVE-2024-42502HigSep 17, 2024
    risk 0.47cvss 7.2epss 0.02

    Authenticated command injection vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability result in the ability to inject shell commands on the underlying operating system.

  • CVE-2024-42501HigSep 17, 2024
    risk 0.47cvss 7.2epss 0.01

    An authenticated Path Traversal vulnerabilities exists in the ArubaOS. Successful exploitation of this vulnerability allows an attacker to install unsigned packages on the underlying operating system, enabling the threat actor to execute arbitrary code or install implants.

  • CVE-2026-44873MedMay 12, 2026
    risk 0.35cvss 5.4epss 0.00

    A session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively disabled. Existing sessions are not invalidated when credentials are revoked, enabling continued access until session expiration.…

  • CVE-2024-25614Mar 5, 2024
    risk 0.00cvss epss 0.01

    There is an arbitrary file deletion vulnerability in the CLI used by ArubaOS. Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to denial-of-service conditions and impact the…

  • CVE-2024-25612Mar 5, 2024
    risk 0.00cvss epss 0.01

    Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

  • CVE-2024-25611Mar 5, 2024
    risk 0.00cvss epss 0.01

    Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

  • CVE-2024-1356Mar 5, 2024
    risk 0.00cvss epss 0.01

    Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

  • CVE-2023-35976Jul 5, 2023
    risk 0.00cvss epss 0.00

    Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.

  • CVE-2023-35974Jul 5, 2023
    risk 0.00cvss epss 0.01

    Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

  • CVE-2023-35973Jul 5, 2023
    risk 0.00cvss epss 0.01

    Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

  • CVE-2023-22768Feb 28, 2023
    risk 0.00cvss epss 0.02

    Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

  • CVE-2023-22766Feb 28, 2023
    risk 0.00cvss epss 0.02

    Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.