Arubanetworks

Arubaos

207 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-37136

  • EPSS 0.09%
  • Veröffentlicht 14.10.2025 16:56:58
  • Zuletzt bearbeitet 12.11.2025 21:09:44

Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbit...

6.5

CVE-2025-37135

  • EPSS 0.09%
  • Veröffentlicht 14.10.2025 16:56:37
  • Zuletzt bearbeitet 12.11.2025 21:12:21

Arbitrary file deletion vulnerabilities have been identified in the command-line interface of an AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated remote malicious actor to delete arbit...

7.2

CVE-2025-37134

  • EPSS 0.09%
  • Veröffentlicht 14.10.2025 16:56:05
  • Zuletzt bearbeitet 12.11.2025 16:24:16

An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged u...

7.2

CVE-2025-37133

  • EPSS 0.09%
  • Veröffentlicht 14.10.2025 16:54:36
  • Zuletzt bearbeitet 12.11.2025 16:33:35

An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller/Mobility Conductor operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged u...

7.2

CVE-2025-37132

  • EPSS 0.07%
  • Veröffentlicht 14.10.2025 16:53:16
  • Zuletzt bearbeitet 12.11.2025 16:35:17

An arbitrary file write vulnerability exists in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an authenticated malicious actor to upload arbitra...

6.1

CVE-2025-27084

Medienbericht
  • EPSS 0.12%
  • Veröffentlicht 08.04.2025 16:32:46
  • Zuletzt bearbeitet 12.11.2025 20:14:34

A vulnerability in the Captive Portal of an AOS-10 GW and AOS-8 Controller/Mobility Conductor could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack. Successful exploitation could enable the attacker to execute arbitra...

4.9

CVE-2025-27085

Medienbericht
  • EPSS 0.26%
  • Veröffentlicht 08.04.2025 16:29:25
  • Zuletzt bearbeitet 12.11.2025 20:27:45

Multiple vulnerabilities exist in the web-based management interface of AOS-10 GW and AOS-8 Controller/Mobility Conductor. Successful exploitation of these vulnerabilities could allow an authenticated, remote attacker to download arbitrary files from...

7.2

CVE-2025-27083

Medienbericht
  • EPSS 0.57%
  • Veröffentlicht 08.04.2025 16:26:50
  • Zuletzt bearbeitet 12.11.2025 19:14:51

Authenticated command injection vulnerabilities exist in the AOS-10 GW and AOS-8 Controller/Mobility Conductor web-based management interface. Successful exploitation of these vulnerabilities allows an Authenticated attacker to execute arbitrary comm...

7.2

CVE-2025-27082

Medienbericht
  • EPSS 0.44%
  • Veröffentlicht 08.04.2025 16:22:50
  • Zuletzt bearbeitet 12.11.2025 19:18:28

Arbitrary File Write vulnerabilities exist in the web-based management interface of both the AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. Successful exploitation could allow an Authenticated attacker to upload arbitrary files ...

7.2

CVE-2024-47463

  • EPSS 1.03%
  • Veröffentlicht 05.11.2024 23:15:04
  • Zuletzt bearbeitet 06.11.2024 18:17:17

An arbitrary file creation vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. Successful exploitation of this vulnerability could allow an authenticated remote attacker to create arbitrary files, which could lead to a remote...