VYPR

Aos

by Alcatel Lucent

CVEs (4)

  • CVE-2026-44861HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.00

    SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted…

  • CVE-2025-37139MedOct 14, 2025
    risk 0.39cvss 6.0epss 0.00

    A vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. Successful exploitation may render the system unbootable, resulting in a Denial of Service that can only be resolved by replacing the affected…

  • CVE-2008-4383Oct 3, 2008
    risk 0.01cvss epss 0.08

    Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01,…

  • CVE-2002-1272Dec 11, 2002
    risk 0.00cvss epss 0.05

    Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges.