Arubanetworks

Edgeconnect Sd-wan Orchestrator

33 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2025-37181

Medienbericht
  • EPSS 0.09%
  • Veröffentlicht 14.01.2026 16:26:00
  • Zuletzt bearbeitet 20.01.2026 18:17:46

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands...

4.8

CVE-2025-37185

  • EPSS 0.04%
  • Veröffentlicht 14.01.2026 16:20:30
  • Zuletzt bearbeitet 20.01.2026 18:14:09

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attacks against an administrative user of the interface. A successful...

9.8

CVE-2025-37184

  • EPSS 0.08%
  • Veröffentlicht 14.01.2026 16:19:45
  • Zuletzt bearbeitet 20.01.2026 18:15:55

A vulnerability exists in an Orchestrator service that could allow an unauthenticated remote attacker to bypass multi-factor authentication requirements. Successful exploitation could allow an attacker to create an admin user account without the nece...

7.2

CVE-2025-37183

  • EPSS 0.09%
  • Veröffentlicht 14.01.2026 16:18:14
  • Zuletzt bearbeitet 20.01.2026 18:17:09

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands...

7.2

CVE-2025-37182

  • EPSS 0.09%
  • Veröffentlicht 14.01.2026 16:17:12
  • Zuletzt bearbeitet 20.01.2026 18:17:30

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands...

8.8

CVE-2024-41136

  • EPSS 0.33%
  • Veröffentlicht 24.07.2024 21:15:11
  • Zuletzt bearbeitet 21.11.2024 09:32:18

An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateways Command Line Interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged...

7.2

CVE-2024-41134

  • EPSS 0.73%
  • Veröffentlicht 24.07.2024 20:15:04
  • Zuletzt bearbeitet 21.11.2024 09:32:18

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result ...

7.2

CVE-2024-41133

  • EPSS 0.73%
  • Veröffentlicht 24.07.2024 20:15:04
  • Zuletzt bearbeitet 21.11.2024 09:32:17

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result ...

7.2

CVE-2024-41135

  • EPSS 0.73%
  • Veröffentlicht 24.07.2024 20:15:04
  • Zuletzt bearbeitet 21.11.2024 09:32:18

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result ...

7.2

CVE-2024-33519

  • EPSS 0.67%
  • Veröffentlicht 24.07.2024 20:15:03
  • Zuletzt bearbeitet 21.11.2024 09:17:04

A vulnerability in the web-based management interface of HPE Aruba Networking EdgeConnect SD-WAN gateway could allow an authenticated remote attacker to conduct a server-side prototype pollution attack. Successful exploitation of this vulnerability c...