Filtered by vendor Arubanetworks
Subscribe
Total
584 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-23826 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-15 | N/A | 7.5 HIGH |
| A vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending specially crafted network packets to the affected device, potentially resulting in a denial-of-service condition. Successful exploitation could cause the affected service process to terminate unexpectedly, disrupting normal device operations. | |||||
| CVE-2026-23824 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-15 | N/A | 7.5 HIGH |
| Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition. | |||||
| CVE-2026-23825 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-15 | N/A | 7.5 HIGH |
| Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted network messages to the affected service. Due to insufficient input validation, successful exploitation may terminate a critical system process, resulting in a denial-of-service condition. | |||||
| CVE-2026-44873 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-15 | N/A | 5.4 MEDIUM |
| A session management vulnerability in AOS-8 allows previously authenticated users to retain network access after their accounts are administratively disabled. Existing sessions are not invalidated when credentials are revoked, enabling continued access until session expiration. An attacker with compromised credentials could exploit this behavior to maintain unauthorized access even after the account has been disabled. | |||||
| CVE-2026-44874 | 1 Arubanetworks | 1 Arubaos | 2026-05-15 | N/A | 4.9 MEDIUM |
| A vulnerability exists in the web-based management interface of an AOS-10 Gateway that could allow an authenticated remote attacker to access sensitive files on the underlying operating system. Successful exploitation of this vulnerability could result in the disclosure of confidential system information, potentially enabling further attacks against the affected device. | |||||
| CVE-2026-44865 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-15 | N/A | 7.2 HIGH |
| Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system. | |||||
| CVE-2026-44855 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system. | |||||
| CVE-2026-44856 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system. | |||||
| CVE-2026-44857 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system. | |||||
| CVE-2026-44858 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system. | |||||
| CVE-2026-44859 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authenticated attacker with administrative privileges could exploit these vulnerabilities by sending specially crafted requests to the affected services. Successful exploitation could allow the attacker to execute arbitrary code with elevated privileges on the underlying operating system. | |||||
| CVE-2026-44860 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system. | |||||
| CVE-2026-44861 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system. | |||||
| CVE-2026-44862 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system. | |||||
| CVE-2026-44863 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system. | |||||
| CVE-2026-44864 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with administrative privileges could exploit these vulnerabilities by injecting crafted input into parameters that are passed unsanitized to backend database queries. Successful exploitation could allow the attacker to execute arbitrary commands on the underlying operating system. | |||||
| CVE-2026-44867 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system. | |||||
| CVE-2026-44868 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system. | |||||
| CVE-2026-44869 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| Command injection vulnerabilities exist in the web-based management interface of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system. | |||||
| CVE-2026-44870 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-05-14 | N/A | 7.2 HIGH |
| Command injection vulnerabilities exist in the command line interface (CLI) service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying operating system. | |||||