VYPR

AOS-10

by AOS-8

CVEs (12)

  • CVE-2026-44871HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    Command injection vulnerabilities exist in the command line interface (CLI) service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on…

  • CVE-2026-44869HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.

  • CVE-2026-44867HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.

  • CVE-2026-44866HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system.

  • CVE-2026-44859HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.00

    Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these…

  • CVE-2026-44856HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.00

    Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these…

  • CVE-2026-44854HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated remote attacker to upload arbitrary files to the underlying operating system, potentially leading to remote…

  • CVE-2026-23823HigMay 12, 2026
    risk 0.47cvss 7.2epss 0.01

    A vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system. NOTE: This…

  • CVE-2025-23051HigJan 14, 2025
    risk 0.47cvss 7.2epss 0.01

    An authenticated parameter injection vulnerability exists in the web-based management interface of the AOS-8 and AOS-10 Operating Systems. Successful exploitation could allow an authenticated user to leverage parameter injection to overwrite arbitrary system files.

  • CVE-2024-47464MedNov 5, 2024
    risk 0.44cvss 6.8epss 0.01

    An authenticated Path Traversal vulnerability exists in Instant AOS-8 and AOS-10. Successful exploitation of this vulnerability allows an attacker to copy arbitrary files to a user readable location from the command line interface of the underlying operating system, which could…

  • CVE-2025-37148MedOct 14, 2025
    risk 0.42cvss 6.5epss 0.00

    A vulnerability in the parsing of ethernet frames in AOS-8 Instant and AOS 10 could allow an unauthenticated remote attacker to conduct a denial of service attack. Successful exploitation could allow an attacker to potentially disrupt network services and require manual…

  • CVE-2025-27078MedApr 8, 2025
    risk 0.42cvss 6.5epss 0.00

    A vulnerability in a system binary of AOS-8 Instant and AOS-10 AP could allow an authenticated remote attacker to inject commands into the underlying operating system while using the CLI. Successful exploitation could lead to complete system compromise.