Arubanetworks

Arubaos

195 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2025-37134

  • EPSS 0.09%
  • Veröffentlicht 14.10.2025 16:56:05
  • Zuletzt bearbeitet 12.11.2025 16:24:16

An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged u...

7.2

CVE-2025-37133

  • EPSS 0.09%
  • Veröffentlicht 14.10.2025 16:54:36
  • Zuletzt bearbeitet 12.11.2025 16:33:35

An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged u...

7.2

CVE-2025-37132

  • EPSS 0.06%
  • Veröffentlicht 14.10.2025 16:53:16
  • Zuletzt bearbeitet 12.11.2025 16:35:17

An arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitra...

6.1

CVE-2025-27084

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 08.04.2025 16:32:46
  • Zuletzt bearbeitet 12.11.2025 20:14:34

A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack. Successful exploitation could enable the attacker to execute arbitra...

4.9

CVE-2025-27085

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 08.04.2025 16:29:25
  • Zuletzt bearbeitet 12.11.2025 20:27:45

Multiple vulnerabilities exist in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated, remote attacker to download arbitrary files from...

7.2

CVE-2025-27083

Medienbericht
  • EPSS 0.06%
  • Veröffentlicht 08.04.2025 16:26:50
  • Zuletzt bearbeitet 12.11.2025 19:14:51

Authenticated command injection vulnerabilities exist in the AOS-10 GW and AOS-8 Controller/Mobility Conductor web-based management interface. Successful exploitation of these vulnerabilities allows an Authenticated attacker to execute arbitrary comm...

7.2

CVE-2025-27082

Medienbericht
  • EPSS 0.07%
  • Veröffentlicht 08.04.2025 16:22:50
  • Zuletzt bearbeitet 12.11.2025 19:18:28

Arbitrary File Write vulnerabilities exist in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated attacker to upload arbitrary files ...

7.2

CVE-2024-47463

  • EPSS 0.58%
  • Veröffentlicht 05.11.2024 23:15:04
  • Zuletzt bearbeitet 06.11.2024 18:17:17

An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. Successful exploitation of this vulnerability could allow an authenticated remote attacker to create arbitrary files, which could lead to a remote...

9.8

CVE-2024-42509

  • EPSS 0.69%
  • Veröffentlicht 05.11.2024 23:15:03
  • Zuletzt bearbeitet 06.11.2024 18:17:17

Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploit...

9

CVE-2024-47460

  • EPSS 0.29%
  • Veröffentlicht 05.11.2024 23:15:03
  • Zuletzt bearbeitet 06.11.2024 18:17:17

Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploit...