VYPR

AOS-8

by AOS-8

CVEs (13)

  • CVE-2026-44871HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    Command injection vulnerabilities exist in the command line interface (CLI) service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on…

  • CVE-2026-44869HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.

  • CVE-2026-44868HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.

  • CVE-2026-44867HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.

  • CVE-2026-44866HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.

  • CVE-2026-44860HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.00

    SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted…

  • CVE-2026-44859HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.00

    Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these…

  • CVE-2026-44856HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.00

    Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these…

  • CVE-2026-44854HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote…

  • CVE-2025-23051HigJan 14, 2025
    risk 0.47cvss 7.2epss 0.01

    An authenticated parameter injection vulnerability exists in the web-based management interface of the AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated user to leverage parameter injection to overwrite arbitrary system files.

  • CVE-2026-44873MedMay 12, 2026
    risk 0.35cvss 5.4epss 0.00

    A session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively disabled. Existing sessions are not invalidated when credentials are revoked, enabling continued access until session expiration.…

  • CVE-2025-37143Oct 14, 2025
    risk 0.00cvss epss 0.00

    An arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated malicious actor to download arbitrary files through carefully…

  • CVE-2025-37141Oct 14, 2025
    risk 0.00cvss epss 0.00

    Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits.