Filtered by vendor Arubanetworks
Subscribe
Total
584 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-37170 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 7.2 HIGH |
| Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system. | |||||
| CVE-2025-37169 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 7.2 HIGH |
| A stack overflow vulnerability exists in the AOS-10 web-based management interface of a Mobility Gateway. Successful exploitation could allow an authenticated malicious actor to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2025-37168 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 8.2 HIGH |
| Arbitrary file deletion vulnerability have been identified in a system function of mobility conductors running AOS-8 operating system. Successful exploitation of this vulnerability could allow an unauthenticated remote malicious actor to delete arbitrary files within the affected system and potentially result in denial-of-service conditions on affected devices. | |||||
| CVE-2025-37163 | 1 Arubanetworks | 1 Airwave | 2026-06-17 | N/A | 7.2 HIGH |
| A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system. | |||||
| CVE-2025-37162 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 6.5 MEDIUM |
| A vulnerability in the command line interface of affected devices could allow an authenticated remote attacker to conduct a command injection attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system. | |||||
| CVE-2025-37161 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 7.5 HIGH |
| A vulnerability in the web-based management interface of affected products could allow an unauthenticated remote attacker to cause a denial of service. Successful exploitation could allow an attacker to crash the system, preventing it from rebooting without manual intervention and disrupting network operations. | |||||
| CVE-2025-37145 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 4.9 MEDIUM |
| Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits. | |||||
| CVE-2025-37144 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 4.9 MEDIUM |
| Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits. | |||||
| CVE-2025-37143 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 4.9 MEDIUM |
| An arbitrary file download vulnerability exists in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated malicious actor to download arbitrary files through carefully constructed exploits. | |||||
| CVE-2025-37142 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 4.9 MEDIUM |
| Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits. | |||||
| CVE-2025-37141 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 4.9 MEDIUM |
| Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits. | |||||
| CVE-2025-37140 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 4.9 MEDIUM |
| Arbitrary file download vulnerabilities exist in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to download arbitrary files through carefully constructed exploits. | |||||
| CVE-2025-37138 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 6.2 MEDIUM |
| An authenticated command injection vulnerability exists in the command line interface binary of AOS-10 GW and AOS-8 Controllers/Mobility Conductor operating system. Exploitation of this vulnerability requires physical access to the hardware controllers. A successful attack could allow an authenticated malicious actor with physical access to execute arbitrary commands as a privileged user on the underlying operating system. | |||||
| CVE-2025-37137 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 6.5 MEDIUM |
| Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system. | |||||
| CVE-2025-37136 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 6.5 MEDIUM |
| Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system. | |||||
| CVE-2025-37135 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 6.5 MEDIUM |
| Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbitrary files within the affected system. | |||||
| CVE-2025-37134 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 7.2 HIGH |
| An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system. | |||||
| CVE-2025-37133 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 7.2 HIGH |
| An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system. | |||||
| CVE-2025-37132 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 7.2 HIGH |
| An arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitrary files and execute arbitrary commands on the underlying operating system. | |||||
| CVE-2025-27085 | 1 Arubanetworks | 1 Arubaos | 2026-06-17 | N/A | 4.9 MEDIUM |
| Multiple vulnerabilities exist in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated, remote attacker to download arbitrary files from the filesystem of an affected device. | |||||